Pidgin Security Advisory

TitleXMPP file transfer buffer overflow
Date2009-05-02
CVE NameCVE-2009-1373
Discovered ByVeracode
SummaryBuffer overflow is possible when initiating file transfer to a malicious buddy over XMPP
DescriptionThe XMPP SOCKS5 bytestream server was not correctly checking the bounds of a buffer when initiating an outgoing file transfer.
Fixed in Version2.5.6
FixThe affected function has been patched to fix the vulnerability.

Return to Security Advisory Index