Pidgin Security Advisory

TitleIRC crash from malicious server
CVE NameCVE-2009-2703
Discovered ByCristofaro Mune
SummaryA malicious server can send an invalid IRC message which triggers a crash
DescriptionA specially crafted IRC TOPIC message can trigger a NULL pointer dereference in the IRC protocol plugin's code for handling IRC topics.
Fixed in Revision615584769b59
Fixed in Version2.6.2
FixCorrectly ignore invalid TOPIC messages sent from the server.

Return to Security Advisory Index