Pidgin Security Advisory

TitleBuffer overflow in MXit emoticon parsing
Date2014-01-28
CVE NameCVE-2013-6489
Discovered ByYves Younan and Pawel Janic of Sourcefire VRT
DescriptionA specially crafted emoticon value could cause an integer overflow which could lead to a buffer overflow.
Fixed in Revision4c897372b5a4
Fixed in Version2.10.8
FixUse an unsigned integer and enforce a maximum size.

Return to Security Advisory Index