TechTarget

Hackers could exploit security flaw in Gaim IM client, warns Secunia

A critical security flaw in the internet messaging client Gaim could allow hackers to cause a denial of service, security experts have warned.

A critical security flaw in the internet messaging client Gaim could allow hackers to cause a denial of service, security experts have warned.

A security advisory from Secunia, which provides security advisories and information about patches, cautions that a flaw in the handling of away messages could be exploited to cause a heap-based buffer overflow by sending a specially crafted away message to a user logged into AIM or ICQ.

Successful exploitation would allow the execution of arbitrary code.

It adds that a file transfer bug could be exploited to crash the application by attempting to upload a file with a non-UTF8 filename to a user logged into AIM or ICQ.

Secunia said the problem could be fixed by updating version 1.5.0 of Gaim.

Red Hat has also issued an advisory alerting users to the vulnerabilities in Gaim, adding that a denial-of-service bug had been found in Gaim’s Gadu Gadu protocol handler, which could also be exploited to crash the application. But it said this issue only affected users running Gaim on PPC and IBM S/390 systems.

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close