A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length values to trigger this vulnerability.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "finch", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "finch-dbgsym", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "finch-dev", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "libpurple-bin", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "libpurple-dev", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "libpurple0", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "libpurple0-dbgsym", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "pidgin", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "pidgin-data", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "pidgin-dbg", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "pidgin-dbgsym", "binary_version": "1:2.10.9-0ubuntu3.3" }, { "binary_name": "pidgin-dev", "binary_version": "1:2.10.9-0ubuntu3.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "finch", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "finch-dbgsym", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "finch-dev", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "libpurple-bin", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "libpurple-dev", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "libpurple-dev-dbgsym", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "libpurple0", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "libpurple0-dbgsym", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "pidgin", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "pidgin-data", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "pidgin-dbg", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "pidgin-dbgsym", "binary_version": "1:2.10.12-0ubuntu5.1" }, { "binary_name": "pidgin-dev", "binary_version": "1:2.10.12-0ubuntu5.1" } ] }