[Pidgin] #3568: BMP file memory DoS vulnerability
Pidgin
trac at pidgin.im
Mon Oct 15 18:15:52 EDT 2007
#3568: BMP file memory DoS vulnerability
---------------------+------------------------------------------------------
Reporter: kuscsikp | Owner: MarkDoliner
Type: defect | Status: new
Priority: minor | Component: ICQ
Version: 2.2.1 | Keywords: BMP DoS
Pending: 0 |
---------------------+------------------------------------------------------
Pidgin is vulnerable to TinyBMP DoS attack.
If we try to send (by "insert image") a
corrupt bmp file, like this:
158.197.33.91/~kuscsikp/overflow/1.bmp
, the memory usage can be high on both sides.
--
Ticket URL: <http://developer.pidgin.im/ticket/3568>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list