Debian Linux Security Advisory 2852-1 - Yves Younan and Ryan Pentney discovered that libgadu, a library for accessing the Gadu-Gadu instant messaging service, contained an integer overflow leading to a buffer overflow. Attackers which impersonate the server could crash clients and potentially execute arbitrary code.
33655ae8e1e1c8922dd3c81fa0835f2f84a392b08cdf84bc8864c31c0f1f249a