Summary AIM/ICQ away message buffer overflow
Date 2005-08-11
CVE Number CVE-2005-2103
Discovered By Brandon Perry
Fixed In Release 1.5.0


A remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (such as %t or %n).


The substitution function was modified to use a dynamic buffer instead of one with a fixed size.

Looking to reach us via XMPP? Check out the new PidginChat service!