08-13-2005, 12:16 AM
|
||||
|
||||
|
Gaim Fixes Critical Security Flaws
Vulnerabilities in the open source instant-messaging client would allow attackers to crash the application or run malicious code on a user's PC - Gaim 1.5.0 fixes them
Users of Gaim, the multiplatform instant messaging application, should upgrade to a new version to protect themselves from three newly discovered security holes. Gaim 1.5.0 was released on Thursday. It fixes a flaw in the way Gaim processes a setting in AOL Instant Messenger (AIM) and ICQ showing a user is away from their machine. A malicious attacker could run a large number of "%n" symbols in their away message and trigger a buffer overflow when the Gaim user ran their mouse over this text. This could then allow the attacker to run malicious code on the Gaim user's PC. A second problem, in the way Gaim handled file transfers, could also be exploited to crash the application. The third flaw, in a protocol handler, was less serious and didn't affect users on x86 machines. The new version of Gaim can be downloaded from its homepage here. Source: ZDNet 
|
 |
«
Previous Topic
|
Next Topic
»
| Currently Active Users Viewing This Topic: 1 (0 members and 1 guests) | |
| Topic Tools | |
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| AIM clients - How to put the lockdown on security! | WhiteMateria | AIM Support | 14 | 08-02-2008 06:05 PM |
| Plenty of IM Security Holes Left to Plug | BigBlueBall News | General / Other IM News | 0 | 10-31-2003 01:00 AM |
| Gaim Dev Responds to MSN Blockage | BigBlueBall News | Windows Live Messenger News | 0 | 08-23-2003 01:00 AM |
| IMSecure Pro by ZoneLabs | BLACK HAT | Online Privacy, Safety & Security | 2 | 08-13-2003 10:13 AM |
| AOL IM Security Hole: Sign of Things To Come? | BigBlueBall News | AIM News | 0 | 10-05-2001 01:00 AM |
All times are GMT -5. The time now is 07:46 AM.
