Gaim: Multiple Denial of Service issues Multiple vulnerabilities have been found in Gaim which could allow a remote attacker to crash the application. gaim 2005-03-01 2005-03-01 83253 remote 1.1.4 1.1.4

Gaim is a full featured instant messaging client which handles a variety of instant messaging protocols.

Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly (CAN-2005-0472). Malformed HTML code could lead to invalid memory accesses (CAN-2005-0208 and CAN-2005-0473).

Remote attackers could exploit these issues, resulting in a Denial of Service.

There is no known workaround at this time.

All Gaim users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-im/gaim-1.1.4" CAN-2005-0208 CAN-2005-0472 CAN-2005-0473 koon DerCorny koon