First published: Wed Oct 29 2014(Updated: )
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pidgin Pidgin | <=2.10.9 | |
Pidgin Pidgin | =2.10.0 | |
Pidgin Pidgin | =2.10.1 | |
Pidgin Pidgin | =2.10.2 | |
Pidgin Pidgin | =2.10.3 | |
Pidgin Pidgin | =2.10.4 | |
Pidgin Pidgin | =2.10.5 | |
Pidgin Pidgin | =2.10.6 | |
Pidgin Pidgin | =2.10.7 | |
Pidgin Pidgin | =2.10.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.