[Original text] Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename of exactly 192 to 200 characters, because the "imgcache\" string that is added to the end of the buffer is not accounted for.
A remote overflow exists in Gadu-Gadu. The online chat system fails to check the length of image file names, resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can overflow the buffer by 9 bytes, resulting in a loss of availability.
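The class of mistake described above, a length check that bounds the filename but forgets the fixed "imgcache\" component, is shown next to a bounded path builder in this added example; it is not Gadu-Gadu code. The 200-byte buffer, the path layout and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PATH_BUF  200           /* assumed buffer size; the advisory gives none */
#define CACHE_DIR "imgcache\\"  /* fixed 9-byte component named in the advisory */

/* Flawed pattern: bounds the filename alone, ignoring CACHE_DIR. */
int flawed_length_ok(size_t name_len)
{
    return name_len < PATH_BUF;
}

/* Bytes by which CACHE_DIR + name + NUL would exceed the buffer (0 = fits). */
size_t bytes_over(size_t name_len)
{
    size_t need = strlen(CACHE_DIR) + name_len + 1;
    return need > PATH_BUF ? need - PATH_BUF : 0;
}

/* Hardened builder: 0 on success, -1 (and empty output) if it would not fit. */
int build_cache_path(char *out, size_t outsz, const char *name)
{
    int n = snprintf(out, outsz, "%s%s", CACHE_DIR, name);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Builds a constructed filename of name_len 'A's and runs the hardened builder. */
int try_name_len(size_t name_len)
{
    char name[512], out[PATH_BUF];
    if (name_len >= sizeof name)
        return -1;
    memset(name, 'A', name_len);
    name[name_len] = '\0';
    return build_cache_path(out, sizeof out, name);
}

int main(void)
{
    for (size_t len = 188; len <= 193; len++)
        printf("len=%zu flawed_ok=%d over=%zu hardened=%d\n", len,
               flawed_length_ok(len), bytes_over(len), try_name_len(len));
    return 0;
}
```

Under these assumptions, every filename length from 191 to 199 passes the flawed check yet does not fit once the 9-byte component is included, while the hardened builder rejects each of them.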
Update to version 7 build 22 or higher, as it potentially fixes this vulnerability. At this time, the vendor has not acknowledged the issue or verified a fix is available.