| Summary | XMPP custom smiley parsing bug |
|---|---|
| Date | 2009-09-03 |
| CVE Number | CVE-2009-3085 |
| Discovered By | Florob, Waqas, Paul Aurich and Marcus Lundblad |
| Fixed In Release | 2.6.2 |
The XMPP protocol plugin can crash when attempting to process an error response as a custom smiley. libpurple 2.5.2 through 2.6.1 are vulnerable. Older versions may be vulnerable as well.
Handle error iq responses appropriately.