Computer Security
[EN] securityvulns.ru no-pyccku


libpurple library / Pidgin DoS
Published:24.10.2010
Source:
SecurityVulns ID:11214
Type:library
Threat Level:
5/10
Description:Crash on base64 decoding in different protocols.
Affected:PIDGIN : pidgin 2.7
 LIBPURPLE : libpurple 2.7
CVE:CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:208 ] pidgin (24.10.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod