Pidgin Security Advisory
| Title | Remote DoS on receiving malformed HTML |
|---|
| Date | 2005-04-02 |
|---|
| CVE Name | CVE-2005-0965 |
|---|
| Discovered By | Jean-Yves Lefort |
|---|
| Summary | Client crash when receiving specific malformed HTML |
|---|
| Description | The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. |
|---|
| Fixed in Version | 1.2.1 |
|---|
| Fix | The function was changed to not allow the out-of-bounds read. |
|---|
Return to Security Advisory Index
