Pidgin Security Advisory

TitleRemote DoS in multiple protocols
Date2009-03-20
CVE NameCVE-2009-1375
Discovered ByJosef Andrysek
SummaryRemote denial of service that affects several protocols
DescriptionA buffer maintained by PurpleCircBuffer may be corrupted if it's exactly full and then more bytes are added to it, leading to a crash. This structure is used by the XMPP and Sametime protocol plugins.
Fixed in Version2.5.6
FixPurpleCircBuffer now correctly checks bounds.

Return to Security Advisory Index