Pidgin 'msn_slplink_process_msg()' NULL Pointer Dereference Remote Code Execution Vulnerability

The Pidgin Libpurple library is prone to a remote code-execution vulnerability because of a NULL-pointer dereference.

Attackers can exploit this issue to execute arbitrary code in the context of an affected application. Failed attacks may cause a denial-of-service condition.

The following are vulnerable:

Pidgin prior to 2.5.9
Libpurple prior to 2.6.0
Gaim 0.79 and later
Adium 1.3.5 and prior

Additional applications may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus