Summary | AIM/ICQ away message buffer overflow |
---|---|
Date | 2005-08-11 |
CVE Number | CVE-2005-2103 |
Discovered By | Brandon Perry |
Fixed In Release | 1.5.0 |
A remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away
message containing many AIM substitution strings (such as %t
or %n
).
The substitution function was modified to use a dynamic buffer instead of one with a fixed size.