Red Hat Bugzilla – Bug 135678
CAN-2004-0891 MSN protocol buffer overflow.
Last modified: 2007-11-30 17:07:04 EST
Buffer overflow when receiving unexpected sequence of MSNSLP messages
Affected code: src/protocols/msn/slplink.c memcpy was used without
checking the size of the buffer before copying to it. Additionally, a
logic flaw was causing the wrong buffer to be used as the destination
for the copy under certain circumstances.
This issue affects gaim 0.79-1.0.1
public, removing embargo
An errata has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.