Pidgin Security Advisory

TitleXMPP custom smiley parsing bug
Date2009-09-03
CVE NameCVE-2009-3085
Discovered ByFlorob, Waqas, Paul Aurich and Marcus Lundblad
SummaryXMPP can crash when parsing certain custom smiley responses
DescriptionThe XMPP protocol plugin can crash when attempting to process an error response as a custom smiley. libpurple 2.5.2 through 2.6.1 are vulnerable. Older versions may be vulnerable as well.
Fixed in Revision2da956f23839
Fixed in Version2.6.2
FixHandle error iq responses appropriately.

Return to Security Advisory Index