FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- remote DoS on receiving malformed HTML

Affected packages
gaim < 1.2.1
ja-gaim < 1.2.1
ko-gaim < 1.2.1
ru-gaim < 1.2.1

Details

VuXML ID 3fa2b372-a9f5-11d9-a788-0001020eed82
Discovery 2005-04-02
Entry 2005-04-10

The GAIM team reports:

The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.

[source]

References

Bugtraq ID 12999
CVE Name CVE-2005-0965
URL http://gaim.sourceforge.net/security/?id=13

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.