Joerg Kurlbaum

**Name of the Vulnerable Software and Affected Versions** Gaim-Encryption version 2.38-1 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a crafted message from an ICQ buddy. This might involve the `GE received key` function in keys.c. **Recommendations** For Gaim-Encryption version 2.38-1, consider disabling the `GE received key` function in keys.c as a temporary workaround until a patch is available. Restrict access to ICQ buddy messages to minimize the risk of exploitation.