Pidgin Security Advisory

TitleRTF message buffer overflow
CVE NameCVE-2004-0785
Discovered BySean ("infamous42md")
SummaryInvalid rich text format messages could cause a buffer overflow.
DescriptionBuffer overflow. There are some loops that read into fixed-sized buffers and do not check to make sure they are not writing too much.
Fixed in Version0.82
FixAdded bounds checking to the two loops.

Return to Security Advisory Index