Summary ICQ X-Status denial of service
Date 2010-07-21
CVE Number CVE-2010-2528
Discovered By Mark Doliner
Fixed In Release 2.7.2


Certain incorrectly formed X-Status messages can cause libpurple to attempt to dereference a NULL pointer, which triggers a crash.


Improve the parsing of the X-Status message to be more robust.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site