ZDI-CAN-338: libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
Richard Laager
rlaager at pidgin.im
Thu Jun 26 13:28:38 EDT 2008
On Thu, 2008-06-26 at 12:14 -0500, Mark Doliner wrote:
> I think the vulnerability is valid, but I think our fix needs to make sure
> we're not wrapping back to 0.
Any idea on the right way to do that?
Richard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://pidgin.im/cgi-bin/mailman/private/packagers/attachments/20080626/efab1873/attachment.pgp
More information about the Packagers
mailing list