Summary URL decode buffer overflow
Date 2004-08-26
CVE Number CVE-2004-0785
Discovered By Sean (infamous42md)
Fixed In Release 0.82


Buffer overflow. The URL is decoded into a static buffer of length 2048 bytes. I’m not sure it’s possible to receive a URL longer than 2048 bytes, as many protocols have message limits that are shorter than that.


A check to make sure the source string is shorter than 2048 bytes is performed.

Looking to reach us via XMPP? Check out the new PidginChat service!