Уязвимость CVE-2010-1624: Информация
Описание
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.
Важность: MEDIUM (5,0)
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
39801 |
|
http://www.pidgin.im/news/security/index.php?id=46 |
|
http://developer.pidgin.im/viewmtn/revision/info/894460d22c434e73d60b71ec031611988e687c8b |
|
http://developer.pidgin.im/viewmtn/revision/diff/884d44222e8c81ecec51c25e07d005e002a5479b/with/894460d22c434e73d60b71ec031611988e687c8b/libpurple/protocols/msn/slp.c |
|
ADV-2010-1141 |
|
40138 |
|
MDVSA-2010:097 |
|
ADV-2010-2755 |
|
https://bugzilla.redhat.com/show_bug.cgi?id=589973 |
|
41899 |
|
RHSA-2010:0788 |
|
USN-1014-1 |
|
pidgin-slp-packets-dos(58559) |
|
oval:org.mitre.oval:def:18547 |
|