cve-2009-1375-00

Summary Remote DoS in multiple protocols
Date 2009-03-20
CVE Number CVE-2009-1375
Discovered By Josef Andrysek
Fixed In Release 2.5.6

Description

A buffer maintained by PurpleCircBuffer may be corrupted if it’s exactly full and then more bytes are added to it, leading to a crash. This structure is used by the XMPP and Sametime protocol plugins.

Mitigation

PurpleCircBuffer now correctly checks bounds.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site