pidgin: null deference vulnerabilities

Users of pidgin please be advised of a null deference vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

RHSA-2010:0788-01: [RHSA-2010:0788-01] pidgin null deference vulnerabilities
Product: Red Hat Enterprise Linux
Description:

Pidgin is an instant messaging program which can log in to multiple

accounts on multiple instant messaging networks simultaneously.

Multiple NULL pointer dereference flaws were found in the way Pidgin

handled Base64 decoding. A remote attacker could use these flaws to crash

Pidgin if the target Pidgin user was using the Yahoo! Messenger Protocol,

MSN, MySpace, or Extensible Messaging and Presence Protocol (XMPP) protocol

plug-ins, or using the Microsoft NT LAN Manager (NTLM) protocol for

authentication. (CVE-2010-3711)Read more at http://www.criticalwatch.com

 

Advertisements