Summary	NULL pointer dereference in parsing invalid HTML
Date	2007-10-24
CVE Number	CVE-2007-4999
Discovered By	Jeffrey Rosen
Fixed In Release	2.2.2

Description

A remote user can cause a denial of service (crash) by sending a message with invalid HTML. It is believed that this crash can be triggered only when using HTML logging.

Mitigation

The affected function has been patched to fix the vulnerability.

Previous
MSN Remote "Nudge" DoS

Next
Remote UPnP discovery DoS