Gaim Buddy Pounce Font Size Client DoS

2003-06-26T00:00:00
ID OSVDB:8628
Type osvdb
Reporter Stephen Melvin(jinksys444@users.sourceforge.net)
Modified 2003-06-26T00:00:00

Description

Vulnerability Description

gaim contains a flaw that may allow a remote denial of service. The issue is triggered due to the 'buddy pounce' feature. It is possible for a remote attacker to add a buddy and to create a specially crafted buddy pounce message containing a HTML FONT SIZE tag with a value of 10,000, which causes the application to crash when the victim receives the message.

Solution Description

Upgrade to latest version, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

gaim contains a flaw that may allow a remote denial of service. The issue is triggered due to the 'buddy pounce' feature. It is possible for a remote attacker to add a buddy and to create a specially crafted buddy pounce message containing a HTML FONT SIZE tag with a value of 10,000, which causes the application to crash when the victim receives the message.

References:

Vendor URL: http://gaim.sourceforge.net/ Vendor Specific Advisory URL