Pidgin Security Advisory

TitleCrash handling bad XMPP timestamp
CVE NameCVE-2013-6477
Discovered ByJaime Breva Ribes
DescriptionA remote XMPP user can trigger a crash on some systems by sending a message with a timestamp in the distant future.
Fixed in Revision852014ae74a0
Fixed in Version2.10.8
FixAvoid passing negative timestamps to localtime().

Return to Security Advisory Index