cve-2008-2955-00

Summary MSN Remote file transfer filename DoS
Date 2008-06-25
CVE Number CVE-2008-2955
Discovered By Juan Pablo Lopez Yacubian
Fixed In Release 2.4.3

Description

A remote MSN user can cause a denial of service (crash) by sending a file with a file with a filename containing invalid characters. The local user must then accept the file transfer to trigger a double-free.

Mitigation

A fix was applied to ensure that the double-free didn’t occur.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site