Pidgin Security Advisory

TitleRemote DoS on receiving malformed HTML
CVE NameCVE-2005-0965
Discovered ByJean-Yves Lefort
SummaryClient crash when receiving specific malformed HTML
DescriptionThe gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
Fixed in Version1.2.1
FixThe function was changed to not allow the out-of-bounds read.

Return to Security Advisory Index