Bugs related to CVE-2011-4601

Mark Doliner mark at kingant.net
Thu May 3 04:54:49 EDT 2012


Hi Fabian.  Are you aware of any of these being remotely exploitable
by another AIM user?  Certainly we should validate UTF8 before
attempting to display it anywhere, but for most/all of these it seems
like it might not be possible for another user to trigger a crash.  I
think mtn_receive might be the only function that's triggered by
another user's actions, and in that case I believe the oscar server
adds the username to the packet (not the remote user).


More information about the security mailing list