Pidgin Security Advisory
| Title | Remotely triggerable crash in IRC argument parsing |
|---|---|
| Date | 2014-01-28 |
| CVE Name | CVE-2014-0020 |
| Discovered By | Daniel Atallah |
| Description | A malicious server or man-in-the-middle could trigger a crash in libpurple by sending a message with fewer than expected arguments. |
| Fixed in Revision | a167504359e5 9f132a6855cd 5845d9fa7084 6b0e0566af20 4d9be297d399 7d0fb0c6d8d4 |
| Fixed in Version | 2.10.8 |
| Fix | Verify that incoming messages contain the appropriate number of arguments before handling them. |
