Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | pidgin | < 2.4.3-1 | pidgin_2.4.3-1_all.deb |
Debian | 11 | all | pidgin | < 2.4.3-1 | pidgin_2.4.3-1_all.deb |
Debian | 10 | all | pidgin | < 2.4.3-1 | pidgin_2.4.3-1_all.deb |
Debian | 999 | all | pidgin | < 2.4.3-1 | pidgin_2.4.3-1_all.deb |
Debian | 13 | all | pidgin | < 2.4.3-1 | pidgin_2.4.3-1_all.deb |