HGKeeper

Fix the date on the 2023 Q3 state of the bird
default tip
3 weeks ago, Gary Kramlich

4a261d8e9db1

Fix the date on the 2023 Q3 state of the bird

Testing Done:
Eyeball tests.

Reviewed at https://reviews.imfreedom.org/r/2791/

---

title: cve-2010-1624-00

date: 2010-05-12T00:00:00.000Z

cveNumber: cve-2010-1624

summary: MSN emoticon denial of service

discoveredBy: Pierre Noguès of Meta Security

fixedInRelease: 2.7.0

type: security

layout: cve

hidden: true

---

### Description

A vulnerability was discovered in libpurple's MSN protocol plugin that can cause

a denial of service (crash) due to insufficient validation of certain SLP

packets related to custom emoticons. An attacker could use this vulnerability to

remotely crash a client using libpurple for MSN. It is not possible for this

vulnerability to be exploited for code execution. As a workaround, disabling

custom emoticons on MSN accounts will prevent the vulnerability.

### Mitigation

Validation has been added to the MSN plugin to prevent the crash.