Remote crash in ICQ

Josh Bressers bressers at redhat.com
Sun Jun 28 07:48:12 EDT 2009


----- "John Bailey" <rekkanoryo at rekkanoryo.org> wrote:

> Warren Togami wrote:
> > Do we need a CVE number for this?
> 
> I leave this as an excercise for everyone else to determine.
> 

Is this just a crash? My understanding is that we end up with a huge malloc,
which fails or causes the OOM to kick in?

A crash like this can go both ways. If the default ICQ setting is to let any
user message you, it's probably an issue, but if it's only people on your
buddy list, not so much.

Thanks.

-- 
    JB



More information about the Packagers mailing list