| Summary | Remote DoS on receiving malformed HTML |
|---|---|
| Date | 2005-04-02 |
| CVE Number | CVE-2005-0965 |
| Discovered By | Jean-Yves Lefort |
| Fixed In Release | 1.2.1 |
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier
versions, allows remote attackers to cause a denial of service (application
crash) via a string that contains malformed HTML, which causes an out-of-bounds
read.
The function was changed to not allow the out-of-bounds read.