Pidgin Security Advisory
| Title | Buffer overflow in MXit emoticon parsing |
|---|---|
| Date | 2014-01-28 |
| CVE Name | CVE-2013-6489 |
| Discovered By | Yves Younan and Pawel Janic of Sourcefire VRT |
| Description | A specially crafted emoticon value could cause an integer overflow which could lead to a buffer overflow. |
| Fixed in Revision | 4c897372b5a4 |
| Fixed in Version | 2.10.8 |
| Fix | Use an unsigned integer and enforce a maximum size. |
