pidgin-otr -- format string vulnerability

ID AA71DAAA-9F8C-11E1-BD0A-0082A0C18826
Type freebsd
Reporter FreeBSD
Modified 2012-05-16T00:00:00


The authors report:

Versions 3.2.0 and earlier of the pidgin-otr plugin contain a format string security flaw. This flaw could potentially be exploited by a remote attacker to cause arbitrary code to be executed on the user's machine. The flaw is in pidgin-otr, not in libotr. Other applications that use libotr are not affected.