Pidgin Security Advisory
| Title | Remote crash reading Yahoo! P2P message |
|---|---|
| Date | 2014-01-28 |
| CVE Name | CVE-2013-6481 |
| Discovered By | Daniel Atallah |
| Description | The Yahoo! protocol plugin failed to validate a length field before trying to read from a buffer, which could result in reading past the end of the buffer which could cause a crash. |
| Fixed in Revision | 4d139ce8f7ec |
| Fixed in Version | 2.10.8 |
| Fix | Check that the length is within range. |
