FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- remote DoS on receiving malformed HTML

Affected packages
gaim < 1.2.1
ja-gaim < 1.2.1
ko-gaim < 1.2.1
ru-gaim < 1.2.1


VuXML ID 3fa2b372-a9f5-11d9-a788-0001020eed82
Discovery 2005-04-02
Entry 2005-04-10

The GAIM team reports:

The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.


Bugtraq ID 12999
CVE Name CVE-2005-0965