cve-2009-1375-00

Summary Remote DoS in multiple protocols
Date 2021-02-15
CVE Number CVE-2009-1375
Discovered By Josef Andrysek
Fixed In Release 2.5.6

Description

A buffer maintained by PurpleCircBuffer may be corrupted if it’s exactly full and then more bytes are added to it, leading to a crash. This structure is used by the XMPP and Sametime protocol plugins.

Mitigation

PurpleCircBuffer now correctly checks bounds.

Looking to reach us via XMPP? Check out the new PidginChat service!