Computer Security
[EN] no-pyccku

pidgin / libpurple security vulnerabilities
updated since 17.03.2012
SecurityVulns ID:12253
Threat Level:
Description:DoS via XMPP and MSN messages, local information leakage.
Affected:PIDGIN : Pidgin 2.10
CVE:CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.)
 CVE-2011-4939 (The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickname while in an XMPP chat room.)
Original documentdocumentDimitris Glynos, pidgin OTR information leakage (19.03.2012)
 documentMANDRIVA, [ MDVSA-2012:029 ] pidgin (17.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod