Gaim-Encryption Remote Heap Corruption Vulnerability

Gaim-Encryption Remote Heap Corruption Vulnerability

A vulnerability has been discovered in Gaim-Encryption 1.15 and earlier. An issue involving insufficient bounds checking may allow a remote attacker to corrupt heap memory. This issue could be triggered by constructing a packet with a negative length parameter. Successful exploitation of this issue may result in a denial of service. Code execution may also be possible, though this is unconfirmed.