Gaim Vulnerability
| Title | AIM/ICQ remote denial of service |
|---|
| Date | 17 February 2005 |
|---|
| CVE Name | CAN-2005-0472 |
|---|
| Discovered By | Brandon Scott ("Xeon") |
|---|
| Summary | Client freezes when receiving certain invalid messages |
|---|
| Description | Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs. |
|---|
| Fixed in Version | 1.1.3 |
|---|
| Fix | The OSCAR protocol plugin was modified to drop these malformed packets. |
|---|
Return to Index of Vulnerabilities
Gaim
