Description
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier
versions, allows remote attackers to cause a denial of service (application
crash) via a string that contains malformed HTML, which causes an out-of-bounds
read.
Mitigation
The function was changed to not allow the out-of-bounds read.