[CVE-2007-4999] pidgin HTML Processing Denial of Service

Bug #158400 reported by Matti Lindell
Affects | Status | Importance | Assigned to | Milestone
pidgin (Ubuntu) | Fix Released | Undecided | Stephan Rügamer |
Gutsy | Fix Released | Undecided | Kees Cook |

Bug Description

Binary package hint: pidgin

from http://secunia.com/advisories/27372/
---

Description:
A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to a NULL-pointer dereference error when processing messages with invalid HTML code and can be exploited to cause libpurple to crash. Successful exploitation may require that HTML logging is used.

Solution:
Update to version 2.2.2.
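
The defect class named in the advisory above (a NULL-pointer dereference while processing invalid HTML for the log) can be shown with an added C example. It is not libpurple's code and not the upstream patch, which this page only links to; `tag_end`, `log_text_unguarded` and `log_text_guarded` are hypothetical names and the sample message is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: returns the closing '>' of the tag starting at p,
 * or NULL when the markup is invalid (the tag is never closed). */
static const char *tag_end(const char *p) { return strchr(p, '>'); }

/* Unguarded pattern: on "<i broken" tag_end() returns NULL, so the next
 * read of *p dereferences an invalid pointer and the process crashes.
 * Shown for comparison only; main() never calls it. */
size_t log_text_unguarded(const char *msg, char *out, size_t cap) {
    size_t n = 0;
    for (const char *p = msg; *p && n + 1 < cap; ) {
        if (*p == '<') p = tag_end(p) + 1;   /* NULL + 1 on invalid HTML */
        else out[n++] = *p++;
    }
    out[n] = '\0';
    return n;
}

/* Guarded form: every pointer is checked before use, and an unterminated
 * tag is written to the log as escaped literal text instead of parsed. */
size_t log_text_guarded(const char *msg, char *out, size_t cap) {
    size_t n = 0;
    if (!msg || !out || cap == 0) return 0;
    for (const char *p = msg; *p; ) {
        if (*p == '<') {
            const char *end = tag_end(p);
            if (end) { p = end + 1; continue; }  /* well-formed tag: skip */
            if (n + 4 >= cap) break;             /* no room for "&lt;" + NUL */
            memcpy(out + n, "&lt;", 4);
            n += 4;
            p++;
        } else {
            if (n + 1 >= cap) break;             /* keep room for the NUL */
            out[n++] = *p++;
        }
    }
    out[n] = '\0';
    return n;
}

int main(void) {
    char buf[64];
    /* Constructed message: two valid tags, then an unterminated one. */
    log_text_guarded("hi <b>there</b> <i broken", buf, sizeof buf);
    puts(buf);
    return 0;
}
```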

Sebastien Bacher (seb128) wrote :

Thank you for your bug. The patch is easy enough and doesn't justify a version update.

ubuntu_demon (ubuntu-demon) wrote :
Changed in pidgin:
status: New → Confirmed
Changed in pidgin:
assignee: nobody → shermann
status: Confirmed → In Progress
ubuntu_demon (ubuntu-demon) wrote :

The fix can probably be found somewhere in here: http://developer.pidgin.im/viewmtn/branch/changes/im.pidgin.pidgin.2.2.2

Stephan Rügamer (sruegamer) wrote :
Matti Lindell (mlind) wrote :

Bug #160670 is also a duplicate according to the CVE entry it links to, but it's private and I cannot see its status.

Kees Cook (kees) wrote :

Thanks for the debdiff, I'll get this uploaded and published shortly. (Looks like Hardy has 2.2.2 already, so I'll mark that as fix-released)

Changed in pidgin:
status: In Progress → Fix Released
assignee: nobody → keescook
status: New → Fix Committed
Stephan Rügamer (sruegamer) wrote :

pidgin (1:2.2.1-1ubuntu4.1) gutsy-security; urgency=low

  * SECURITY UPDATE: (LP: #158400)
    + CVE-2007-4999: libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML
      logging, allows remote attackers to cause a denial of service (NULL
      dereference and application crash) via a message that contains invalid HTML
      data, a different vector than CVE-2007-4996.
  * debian/patches/99_CVE-2007-4999.patch:
    - Applied patch by upstream
    - Link: http://developer.pidgin.im/viewmtn/revision/diff/0810c68ce97a8213a5edbf5ffe7c1418915d3dfe/with/aff089bc73ecc6fe8ebbeac670db8be13511fcf4
  * References:
    CVE-2007-4999
    http://developer.pidgin.im/ticket/3436

 -- Stephan Hermann <email address hidden> Mon, 26 Nov 2007 16:32:57 +0100

Changed in pidgin:
status: Fix Committed → Fix Released
This report contains Public Security information  
Everyone can see this security related information.