hugo/content/about/security/advisories/cve-2005-1261-00.md

Thu, 02 Jan 2025 16:35:59 -0600

author
Gary Kramlich <grim@reaperworld.com>
date
Thu, 02 Jan 2025 16:35:59 -0600
changeset 545
cf811d26020d
parent 394
c83367e9b2db
permissions
-rw-r--r--

Add a flathub verification token

Testing Done:
Ran with `npm run hugo:server` and verified the file was served properly.

Reviewed at https://reviews.imfreedom.org/r/3718/

---
title: cve-2005-1261-00
date: 2005-05-10T00:00:00.000Z
cveNumber: cve-2005-1261
summary: Remote crash on some protocols
discoveredBy: Stu Tomlinson
fixedInRelease: 1.3.0
type: security
layout: cve
hidden: true
---

### Description

It is possible for a remote user to overflow a static buffer by sending an IM
containing a very large URL (greater than 8192 bytes) to the Gaim user. This is
not possible on all protocols, due to message length restrictions. Jabber are
SILC are known to be vulnerable.

### Mitigation

The URL parsing function was modified to not use a static buffer.

mercurial