| Summary | ICQ and maybe AIM remote crash |
|---|---|
| Date | 2009-10-16 |
| CVE Number | CVE-2009-3615 |
| Discovered By | nightwing666 in ticket |
| Fixed In Release | 2.6.3 |
A specially crafted message can trigger an incorrect memory access in the oscar protocol plugin which can lead to a crash. This happens when the SIM IM client attempts to send contacts to a libpurple user.
Check for the correct number of fields before attempting to dereference memory.