cve-2005-0472-00

Summary AIM/ICQ remote denial of service
Date 2005-02-17
CVE Number CVE-2005-0472
Discovered By Brandon Scott ("Xeon")
Fixed In Release 1.1.3

Description

Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs.

Mitigation

The OSCAR protocol plugin was modified to drop these malformed packets.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site