Denial of Service Vulnerability in Pidgin's XMPP Protocol Plugin
CVE-2009-3085

Currently unrated

Key Information:

Vendor

Pidgin

Status
Libpurple
Pidgin
Vendor
CVE Published:
8 September 2009

What is CVE-2009-3085?

The XMPP protocol plugin within libpurple in Pidgin prior to version 2.6.2 contains a flaw in handling error IQ stanzas during the fetching of custom smileys. This vulnerability allows attackers to exploit malformed XHTML-IM content with cid: images, leading to a denial of service that can cause the application to crash.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/36601
third-party-advisoryx_refsource_SECUNIA
http://developer.pidgin.im/viewmtn/revision/info/fd595561...
x_refsource_CONFIRM
http://www.pidgin.im/news/security/index.php?id=37
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.