Pidgin Security Advisory

TitleAIM/ICQ away message buffer overflow
CVE NameCVE-2005-2103
Discovered ByBrandon Perry
SummaryRemote users can cause a buffer overflow
DescriptionA remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (such as %t or %n).
Fixed in Version1.5.0
FixThe substitution function was modified to use a dynamic buffer instead of one with a fixed size.

Return to Security Advisory Index