cve-2005-0965-00

Summary Remote DoS on receiving malformed HTML
Date 2005-04-02
CVE Number CVE-2005-0965
Discovered By Jean-Yves Lefort
Fixed In Release 1.2.1

Description

The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.

Mitigation

The function was changed to not allow the out-of-bounds read.

Looking to reach us via XMPP? Check out the new PidginChat service!