FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gaim -- Content-Length header denial-of-service vulnerability

Affected packages
gaim < 0.82
ja-gaim < 0.82
ko-gaim < 0.82
ru-gaim < 0.82
20030000 < gaim


VuXML ID ad61657d-26b9-11d9-9289-000c41e2cdad
Discovery 2004-08-26
Entry 2004-10-25

Sean infamous42md reports:

When a remote server provides a large "content-length" header value, Gaim will attempt to allocate a buffer to store the content, however this allocation attempt will cause Gaim to crash if the length exceeds the amount of possible memory. This happens when reading profile information on some protocols. It also happens when smiley themes are installed via drag and drop.