Gaim contains a flaw in HTML processing that may result in an invalid memory access and denial of service condition.
From the Gaim project:
Gaim is a multi-protocol instant messaging (IM) client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM and ICQ (Oscar protocol), MSN Messenger, Yahoo!, IRC, Jabber, Gadu-Gadu, SILC, GroupWise Messenger, and Zephyr networks
A remote attacker can cause Gaim to crash, causing a denial of service condition.
Apply an update
As a best practice and potential workaround, users should not accept unexpected messages from unknown sources.
Thanks to the Gaim project for reporting this vulnerability.
This document was written by Ken MacInnis based primarily on information from the Gaim project.
|Date First Published:||2005-02-28|
|Date Last Updated:||2005-02-28 21:12 UTC|