CVE-2009-0769

Name of the Vulnerable Software and Affected Versions QIP 2005 build 8082

Description The issue allows remote attackers to cause a denial of service, resulting in CPU consumption and application hang, via a crafted Rich Text Format (RTF) ICQ message. This can be achieved by sending a specially crafted ICQ message, such as one containing {rtfpict&&}, which exploits an error in the processing of ICQ messages. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations For QIP 2005 build 8082, consider avoiding the use of Rich Text Format (RTF) in ICQ messages until a fix is available. As a temporary workaround, restricting the processing of ICQ messages in RTF format may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.