| Summary | QQ remote DoS |
|---|---|
| Date | 2009-05-03 |
| CVE Number | CVE-2009-1374 |
| Discovered By | Ka-Hing Cheung |
| Fixed In Release | 2.5.6 |
decrypt_out() always writes 8 bytes past the supplied buffer, which is always
allocated on the stack. We don’t believe this can cause anything outside of a
crash.
decrypt_out() is fixed to not write past the end of the buffer.