Summary | ICQ and maybe AIM remote crash |
---|---|
Date | 2009-10-16 |
CVE Number | CVE-2009-3615 |
Discovered By | nightwing666 in ticket |
Fixed In Release | 2.6.3 |
A specially crafted message can trigger an incorrect memory access in the oscar protocol plugin which can lead to a crash. This happens when the SIM IM client attempts to send contacts to a libpurple user.
Check for the correct number of fields before attempting to dereference memory.