First published: Tue Oct 21 2014(Updated: )
It flaw was reported in the way Groupwise server messages were parsed. A malicious server or man-in-the-middle attacker could send a specially-crafted message that could cause Pidgin to attempt to allocate an excessive amount of memory, possibly leading to a crash. Acknowledgements: Name: the Pidgin project Upstream: Yves Younan (Cisco Talos), Richard Johnson (Cisco Talos)
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pidgin Pidgin | <=2.10.9 | |
Pidgin Pidgin | =2.10.0 | |
Pidgin Pidgin | =2.10.1 | |
Pidgin Pidgin | =2.10.2 | |
Pidgin Pidgin | =2.10.3 | |
Pidgin Pidgin | =2.10.4 | |
Pidgin Pidgin | =2.10.5 | |
Pidgin Pidgin | =2.10.6 | |
Pidgin Pidgin | =2.10.7 | |
Pidgin Pidgin | =2.10.8 | |
redhat/pidgin | <2.10.10 | 2.10.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.