Gaim IRC Protocol Plug-in Markup Language Injection Vulnerability

Gaim IRC protocol plug-in is reported prone to an input-validation vulnerability. The issue is reported to occur because of a lack of sufficient sanitization performed on 'irc_msg' data.

A remote attacker may exploit this vulnerability to execute arbitrary Gaim and Pango Markup language in the context of the user that is running the affected software.

This vulnerability is reported to affect Gaim version 1.2.0 and previous versions.


 

Privacy Statement
Copyright 2010, SecurityFocus