IMFreedom Security

Description

The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.

Mitigation

The function was changed to not allow the out-of-bounds read.