| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6.1.2.0.0.20050224155941.03383ae0@localhost> From: lists at domain-logic.com (Randall Perry) Subject: GAIM exploit Platform: Windows (tested only on XP and 2000, might impact others) Application: GAIM v1.1.3 Synopsis: Cause remote crash of GAIM client. Scenario: By sending a file to another GAIM user, you can cause their GAIM client to crash and completely close GAIM down. Simply send a file to someone with parenthesis in it, and it will crash when they accept the download (the download does not even begin, it just crashes). Example: filename of gaim1.1(windows).exe will cause it to crash. I am still playing with the debug version of GAIM, and having just run through GTK updates to 2.4 I do not have time to digest and post those. So far, it looks like it has to do with libglib-2.0-0.dll I am following up with a post to GAIM developers with a complete report. http://www.domain-logic.com/ -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.4.0 - Release Date: 2/22/2005
Powered by blists - more mailing lists