IMFreedom Security

Description

A malicious server or man-in-the-middle could trigger a crash in libpurple by sending an emoticon with an overly large length value.

Mitigation

Verify that the length value is valid before attempting to read data from the buffer.