HGKeeper

Fix the date on the 2023 Q3 state of the bird
default tip
3 weeks ago, Gary Kramlich

4a261d8e9db1

Fix the date on the 2023 Q3 state of the bird

Testing Done:
Eyeball tests.

Reviewed at https://reviews.imfreedom.org/r/2791/

---

title: cve-2006-4996-00

date: 2007-09-27T00:00:00.000Z

cveNumber: cve-2007-4996

summary: MSN Remote "Nudge" DoS

discoveredBy: Evan Schoenberg

fixedInRelease: 2.2.1

type: security

layout: cve

hidden: true

---

### Description

A remote MSN user that is not on the buddy list can cause a denial of service

(crash) by sending a nudge message. The protocol plugin attempts to look up the

buddy's information and accesses an invalid memory location if the user is not

on the buddy list. This only affects libpurple version 2.2.0, older versions

are not affected.

### Mitigation

The nudge functionality in the MSN protocol has been rewritten to avoid an

unnecessary lookup of buddy information.