libpurple -- Remote DoS via an MSN OIM message that lacks UTF-8 encoding

2012-03-15T00:00:00
ID 7289214F-7C55-11E1-AB3B-000BCDF0A03B
Type freebsd
Reporter FreeBSD
Modified 2012-03-15T00:00:00

Description

US-CERT reports:

The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.