| Summary | Finch XMPP MUC crash |
|---|---|
| Date | 2010-02-18 |
| CVE Number | CVE-2010-0420 |
| Discovered By | Sadrul Habib Chowdhury |
| Fixed In Release | 2.6.6 |
If a user in a multi-user chat room has a nickname containing <br> then
libpurple ends up having two users with username in the room, and Finch
crashes in this situation. We do not believe there is a possibility of remote
code execution.
Correctly parse <br> so that it appears literally rather than as .