CVE-2003-0163

Name of the Vulnerable Software and Affected Versions: Gaim-Encryption GAIM plugin version 1.15 and earlier

Description: The issue is related to the decrypt msg function, which does not properly validate a message length parameter. This allows remote attackers to cause a denial of service (crash) by sending a message with a negative length, resulting in the overwrite of arbitrary heap memory with a zero byte.

Recommendations: For Gaim-Encryption GAIM plugin version 1.15 and earlier, consider disabling the decrypt msg function until a patch is available to prevent potential denial of service attacks.