Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mandriva Update for pidgin MDVSA-2012:029 (pidgin)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'pidgin' package(s) announced via the referenced advisory.
Insight
Insight
Multiple vulnerabilities has been discovered and corrected in pidgin: The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickname while in an XMPP chat room (CVE-2011-4939). The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding (CVE-2012-1178). This update provides pidgin 2.10.2, which is not vulnerable to these issues.
Affected Software
Affected Software
pidgin on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2
Solution
Solution
Please Install the Updated Packages.