Pidgin Security Advisory

TitlePossible MSN remote crash
Date2012-01-17
CVE NameCVE-2012-1178
Discovered ByThijs Alkemade in ticket #14884
DescriptionIn some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding. In some cases this can lead to a crash when attempting to display the text.
Fixed in Revision1b1b97b8e942
f9eeb175a5c9
f5fd49c83637
5c02bc93f2c4
85ec889f1675
Fixed in Version2.10.2
FixVerify that incoming text is UTF-8, and sanitize if it's not.

Return to Security Advisory Index