NULL pointer dereference in parsing invalid HTML
Bug #157347 reported by
pl4nkton
This bug report is a duplicate of:
Bug #158400: [CVE-2007-4999] pidgin HTML Processing Denial of Service.
Edit
Remove
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| pidgin (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: pidgin
Title NULL pointer dereference in parsing invalid HTML
Date 24 October 2007
CVE Name CVE-2007-4999
Discovered By Jeffrey Rosen
Summary Receiving invalid HTML can cause libpurple 2.1.0 through 2.2.1 to crash
Description A remote user can cause a denial of service (crash) by sending a message with invalid HTML. It is believed that this crash can be triggered only when using HTML logging.
Fixed in Version 2.2.2
Fix The affected function has been patched to fix the vulnerability.
CVE References
Revision history for this message
| Murat Gunes (mgunes) wrote | #1 |
To post a comment you must log in.
Thank you for your bug report. This is the same issue reported in bug #158400; I'm marking it as a duplicate.