cve-2009-3025-00

Summary Yahoo IM parsing crash
Date 2009-08-22
CVE Number CVE-2009-3025
Discovered By adk
Fixed In Release 2.6.1

Description

Possibly depending on the architecture and/or flags used to compile libpurple, the Yahoo protocol plugin may crash when receiving an IM from any user which contains a URL. The only vulnerable version of libpurple is 2.6.0.

Mitigation

Correctly parse URLs in incoming Yahoo messages.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site