Pidgin Security Advisory

TitleGadu-Gadu memory alignment bug
Date2005-08-11
CVE NameCVE-2005-2370
Discovered ByMarcin Owsiany and Wojtek Kaniewski
SummaryA memory alignment bug in the Gadu-Gadu protocol plugin can result in a buffer overflow
DescriptionThere was a memory alignment bug in the library Gaim uses to access the Gadu-Gadu network. This bug can not be exploited on x86 architectures. This bug was recently fixed in the libgadu library, but also needed to be fixed in Gaim because Gaim includes a copy of the libgadu library.
Fixed in Version1.5.0
FixThe vulnerable section of code was modified to work correctly on all architectures.

Return to Security Advisory Index