Pidgin Security Advisory

Title: MXit buffer overflow reading data from network
CVE Name: CVE-2013-0272
Discovered By: Daniel Atallah
Description: The code did not respect the size of the buffer when parsing HTTP headers, and a malicious server or man-in-the-middle could send specially crafted data that could overflow the buffer. This could lead to a crash or remote code execution.
Fixed in Revision: 879db2a9a59c
Fixed in Version: 2.10.7
Fix: Check buffer bounds when reading and parsing incoming HTTP data.
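
The kind of bounds checking the Fix entry describes, as an added illustration in C. It is not Pidgin's code, and the advisory does not show the affected source. The struct, function names, buffer size and sample response are hypothetical, the exact-case header match is a simplification, and the Content-Length limit goes one step beyond the advisory by applying the same rule to a length taken from a header.

```c
#include <stddef.h>
#include <string.h>

#define HDR_BUF_SIZE 256  /* assumed size, chosen for this example */
enum rx_status { RX_NEED_MORE, RX_HEADERS_DONE, RX_TOO_LARGE, RX_BAD_LENGTH };

/* Hypothetical receive state (not Pidgin's structure). */
struct http_rx {
    char   buf[HDR_BUF_SIZE];
    size_t len;  /* bytes stored in buf, always <= HDR_BUF_SIZE - 1 */
};

/* Append one network chunk; the check is against space left, so it cannot wrap. */
enum rx_status rx_append(struct http_rx *rx, const char *data, size_t n)
{
    if (n > sizeof(rx->buf) - 1 - rx->len)
        return RX_TOO_LARGE;
    memcpy(rx->buf + rx->len, data, n);
    rx->len += n;
    rx->buf[rx->len] = '\0';
    return strstr(rx->buf, "\r\n\r\n") ? RX_HEADERS_DONE : RX_NEED_MORE;
}

/* Read the server-supplied Content-Length; values above max_body are rejected. */
enum rx_status rx_content_length(const struct http_rx *rx, size_t max_body, size_t *out)
{
    const char *p = strstr(rx->buf, "Content-Length:");
    size_t v = 0, d;
    if (p == NULL) return RX_BAD_LENGTH;
    for (p += strlen("Content-Length:"); *p == ' '; p++) ;
    if (*p < '0' || *p > '9') return RX_BAD_LENGTH;
    for (; *p >= '0' && *p <= '9'; p++) {
        d = (size_t)(*p - '0');
        if (v > max_body / 10 || d > max_body - v * 10)
            return RX_BAD_LENGTH;  /* digit would push v past max_body */
        v = v * 10 + d;
    }
    *out = v;
    return RX_HEADERS_DONE;
}

int main(void)
{
    struct http_rx rx = { {0}, 0 };
    const char *resp = "HTTP/1.1 200 OK\r\nContent-Length: 12\r\n\r\n";  /* constructed */
    size_t body = 0;
    if (rx_append(&rx, resp, strlen(resp)) != RX_HEADERS_DONE) return 1;
    return !(rx_content_length(&rx, 4096, &body) == RX_HEADERS_DONE && body == 12);
}
```

A caller that receives `RX_TOO_LARGE` or `RX_BAD_LENGTH` should drop the connection rather than truncate and continue parsing.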

