CVE-2009-1375: Buffer Overflow
First published: Tue May 12 2009(Updated: )
A flaw was found in the way Pidgin's PurpleCircBuffer object is expanded. If the buffer is full when more data arrives, it results in corruption of the data stored in the buffer. This corrupt data could possibly result in confusing or misleading data being presented to the user, or possibly crash Pidgin.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pidgin Pidgin | =2.1.0 | |
| Pidgin Pidgin | =2.5.2 | |
| Pidgin Pidgin | =2.5.1 | |
| Pidgin Pidgin | =2.0.1 | |
| Pidgin Pidgin | =2.4.2 | |
| Pidgin Pidgin | =2.5.4 | |
| Pidgin Pidgin | =2.2.2 | |
| Pidgin Pidgin | =2.1.1 | |
| Pidgin Pidgin | =2.3.1 | |
| Pidgin Pidgin | =2.4.3 | |
| Pidgin Pidgin | =2.0.0 | |
| Pidgin Pidgin | =2.0.2 | |
| Pidgin Pidgin | =2.0.2 | |
| Pidgin Pidgin | =2.3.0 | |
| Pidgin Pidgin | =2.4.1 | |
| Pidgin Pidgin | =2.4.0 | |
| Pidgin Pidgin | <=2.5.5 | |
| Pidgin Pidgin | =2.5.0 | |
| Pidgin Pidgin | =2.2.0 | |
| Pidgin Pidgin | =2.2.1 | |
| Pidgin Pidgin | =2.5.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.pidgin.im/news/security/?id=31
- http://www.redhat.com/support/errata/RHSA-2009-1060.html
- https://bugzilla.redhat.com/show_bug.cgi?id=500491
- http://www.securityfocus.com/bid/35067
- http://secunia.com/advisories/35194
- http://secunia.com/advisories/35202
- http://secunia.com/advisories/35188
- http://www.vupen.com/english/advisories/2009/1396
- http://secunia.com/advisories/35215
- http://debian.org/security/2009/dsa-1805
- http://osvdb.org/54649
- http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html
- http://www.ubuntu.com/usn/USN-781-1
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html
- http://secunia.com/advisories/35294
- http://secunia.com/advisories/35329
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:173
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50683
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10829
- http://www.pidgin.im/news/security//?id=31
- https://rhn.redhat.com/errata/RHSA-2009-1060.html
- http://admin.fedoraproject.org/updates/pidgin-2.5.6-1.fc9
- http://rhn.redhat.com/errata/RHSA-2009-1060.html
- https://admin.fedoraproject.org/updates/F10/FEDORA-2009-5597
- https://admin.fedoraproject.org/updates/F11/FEDORA-2009-5583
- https://admin.fedoraproject.org/updates/F9/FEDORA-2009-5552
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-1375
- vendor/pidgin
- canonical/pidgin pidgin
- version/pidgin pidgin/2.1.0
- version/pidgin pidgin/2.5.2
- version/pidgin pidgin/2.5.1
- version/pidgin pidgin/2.0.1
- version/pidgin pidgin/2.4.2
- version/pidgin pidgin/2.5.4
- version/pidgin pidgin/2.2.2
- version/pidgin pidgin/2.1.1
- version/pidgin pidgin/2.3.1
- version/pidgin pidgin/2.4.3
- version/pidgin pidgin/2.0.0
- version/pidgin pidgin/2.0.2
- version/pidgin pidgin/2.3.0
- version/pidgin pidgin/2.4.1
- version/pidgin pidgin/2.4.0
- version/pidgin pidgin/2.5.5
- version/pidgin pidgin/2.5.0
- version/pidgin pidgin/2.2.0
- version/pidgin pidgin/2.2.1
- version/pidgin pidgin/2.5.3