cve-2010-2528-00

Summary ICQ X-Status denial of service
Date 2010-07-21
CVE Number CVE-2010-2528
Discovered By Mark Doliner
Fixed In Release 2.7.2

Description

Certain incorrectly formed X-Status messages can cause libpurple to attempt to dereference a NULL pointer, which triggers a crash.

Mitigation

Improve the parsing of the X-Status message to be more robust.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site