| Summary | AIM/ICQ away message buffer overflow |
|---|---|
| Date | 2005-08-11 |
| CVE Number | CVE-2005-2103 |
| Discovered By | Brandon Perry |
| Fixed In Release | 1.5.0 |
A remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away
message containing many AIM substitution strings (such as %t or %n).
The substitution function was modified to use a dynamic buffer instead of one with a fixed size.