Summary ICQ X-Status denial of service
Date 2010-07-21
CVE Number CVE-2010-2528
Discovered By Mark Doliner
Fixed In Release 2.7.2


Certain incorrectly formed X-Status messages can cause libpurple to attempt to dereference a NULL pointer, which triggers a crash.


Improve the parsing of the X-Status message to be more robust.

Looking to reach us via XMPP? Check out the new PidginChat service!