FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- AIM/ICQ remote denial of service vulnerability

Affected packages
gaim < 1.1.3
ja-gaim < 1.1.3
ko-gaim < 1.1.3
ru-gaim < 1.1.3


VuXML ID 8b0e94cc-b5cd-11d9-a788-0001020eed82
Discovery 2005-02-17
Entry 2005-04-25

The GAIM team reports that GAIM is vulnerable to a denial-of-service vulnerability which can cause GAIM to freeze:

Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs.


CVE Name CVE-2005-0472