CVE-2004-0891

Name of the Vulnerable Software and Affected Versions: gaim versions 0.79 through 1.0.1

Description: The issue is related to a buffer overflow in the MSN protocol handler, which can be triggered by a remote attacker sending an unexpected sequence of MSNSLP messages. This results in an unbounded copy operation that writes to the wrong buffer, potentially causing a denial of service (application crash) and possibly allowing the execution of arbitrary code.

Recommendations: For gaim versions 0.79 through 1.0.1, at the moment, there is no information about a newer version that contains a fix for this issue.