Pidgin Security Advisory

TitleNULL pointer dereference parsing SOAP data in MSN
CVE NameCVE-2013-6482
Discovered ByFabian Yamaguchi and Christian Wressnegger of the University of Goettingen
DescriptionA malicious server or man-in-the-middle could send us a specially-crafted SOAP response that results in a NULL pointer dereference.
Fixed in Revision68d6df7dc69c
Fixed in Version2.10.8
FixCheck for NULL before using values.

Return to Security Advisory Index