[原文]Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped.
Gadu-Gadu DCC Packet Saturation Thread Exhaustion DoS
Remote / Network Access
Denial of Service
Loss of Availability
Gadu-Gadu contains a flaw that may allow a remote denial of service. The issue is triggered when multiple crafted DCC packets process and consume a large amount of resources, and will result in loss of availability for the service.
Upgrade to version 7.0 (build 22) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.