Summary Remote DoS in multiple protocols
Date 2009-03-20
CVE Number CVE-2009-1375
Discovered By Josef Andrysek
Fixed In Release 2.5.6


A buffer maintained by PurpleCircBuffer may be corrupted if it’s exactly full and then more bytes are added to it, leading to a crash. This structure is used by the XMPP and Sametime protocol plugins.


PurpleCircBuffer now correctly checks bounds.

Looking to reach us via XMPP? Check out the new PidginChat service!