cve-2005-2102-00

Summary AIM/ICQ non-UTF-8 filename crash
Date 2005-08-11
CVE Number CVE-2004-0500
Discovered By Unknown
Fixed In Release 1.5.0

Description

A remote user could cause Gaim to crash on some systems by sending the Gaim user a file whose filename contains certain invalid characters. It is unknown what combination of systems are affected, but it is suspected that Windows users and systems with older versions of GTK are especially susceptible.

Mitigation

The filename is validated as UTF-8 before Gaim attemps to display it.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site