date: 2005-05-10T00:00:00.000Z
summary: Remote crash on some protocols
discoveredBy: Stu Tomlinson
It is possible for a remote user to overflow a static buffer by sending an IM
containing a very large URL (greater than 8192 bytes) to the Gaim user. This is
not possible on all protocols, due to message length restrictions. Jabber are
SILC are known to be vulnerable.
The URL parsing function was modified to not use a static buffer.