Pidgin Security Advisory

TitleRemote crash reading Yahoo! P2P message
Date2014-01-28
CVE NameCVE-2013-6481
Discovered ByDaniel Atallah
DescriptionThe Yahoo! protocol plugin failed to validate a length field before trying to read from a buffer, which could result in reading past the end of the buffer which could cause a crash.
Fixed in Revision4d139ce8f7ec
Fixed in Version2.10.8
FixCheck that the length is within range.

Return to Security Advisory Index