Denial of Service Vulnerability in Pidgin MSN Protocol Plugin
CVE-2009-3083

Currently unrated

Key Information:

Vendor

Pidgin

Status
Libpurple
Pidgin
Vendor
CVE Published:
8 September 2009

What is CVE-2009-3083?

A vulnerability in the MSN protocol plugin of Pidgin before version 2.6.2 allows remote attackers to exploit a NULL pointer dereference when sending malformed SLP invite messages. This can lead to a crash of the application, resulting in a denial of service for users. The issue arises when certain required fields are missing from the SLP invite message, making it susceptible to crafted attacks from clients like KMess. To mitigate this vulnerability, it's crucial to update to the latest version of Pidgin.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://developer.pidgin.im/ticket/10159
x_refsource_CONFIRM
http://secunia.com/advisories/36601
third-party-advisoryx_refsource_SECUNIA
http://www.pidgin.im/news/security/index.php?id=39
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.