Looking to reach us via XMPP? Check out the new PidginChat service!


Summary AIM/ICQ remote denial of service
Date 2005-02-17
CVE Number CVE-2005-0472
Discovered By Brandon Scott ("Xeon")
Fixed In Release 1.1.3


Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs.


The OSCAR protocol plugin was modified to drop these malformed packets.