SUSE CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

PT-2010-1839 · Adium +2 · Adium +3

Name of the Vulnerable Software and Affected Versions: Pidgin versions 2.6.4 Adium versions 1.3.8 Description: A directory traversal issue in the MSN protocol plugin in libpurple allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon request...