Pidgin Security Advisory

TitleOut-of-bounds write when stripping xml
Date2017-03-09
CVE NameCVE 2017-2640
Discovered ByJoseph Bisch
DescriptionAn out-of-bounds write when invalid xml is sent by a malicious server
Fixed in Revisionb2fc9e774cb9
Fixed in Version2.12.0
FixOnly decode HTML entities that are well formed

Return to Security Advisory Index