Computer Security

libpurple buffer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



libpurple buffer overflow
Published:01.09.2008
Source:BUGTRAQ
SecurityVulns ID:9250
Type:library
Level:6/10
Description:Buffer overflow on MSN SLP messages parsing.
Affected:PIDGIN : Pidgin 2.4
CVE:CVE-2008-2927 (Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 allow remote attackers to execute arbitrary code via a malformed SLP message, a different vulnerability than CVE-2008-2955.)
Original documentdocumentZDI, ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability (01.09.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru