CVE-2007-0021
Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI.
Date published : 2007-01-22
http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html