FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- AIM/ICQ remote denial of service vulnerability

Affected packages
gaim < 1.1.3
ja-gaim < 1.1.3
ko-gaim < 1.1.3
ru-gaim < 1.1.3

Details

VuXML ID 8b0e94cc-b5cd-11d9-a788-0001020eed82
Discovery 2005-02-17
Entry 2005-04-25

The GAIM team reports that GAIM is vulnerable to a denial-of-service vulnerability which can cause GAIM to freeze:

Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs.

[source]

References

CVE Name CVE-2005-0472
URL http://gaim.sourceforge.net/security/index.php?id=10

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.