Pidgin Security Advisory
| Title | AIM/ICQ remote denial of service |
|---|
| Date | 2005-02-17 |
|---|
| CVE Name | CVE-2005-0472 |
|---|
| Discovered By | Brandon Scott ("Xeon") |
|---|
| Summary | Client freezes when receiving certain invalid messages |
|---|
| Description | Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs. |
|---|
| Fixed in Version | 1.1.3 |
|---|
| Fix | The OSCAR protocol plugin was modified to drop these malformed packets. |
|---|
Return to Security Advisory Index
