(CVE-2012-3374) <pidgin-2.10.5: MXit buffer overflow
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Pidgin | Fix Released | Unknown | | |
Gentoo Linux | Fix Released | High | | |
pidgin (Fedora) | Fix Released | Medium | | |
pidgin (Ubuntu) | Fix Released | Undecided | Unassigned | |

Bug Description
A new update, version 2.10.5, to the open source Pidgin instant messaging program has been released, closing an important security hole. Previous versions of Pidgin contained a vulnerability, discovered by Ulf Härnhammar, in the MXit component, where parsing incoming messages with inline images led to a buffer overflow.
The developers say that this could have been exploited by an attacker to execute arbitrary code on a victim's system by using a specially crafted message. Versions up to and including 2.10.4 are affected. Upgrading to Pidgin 2.10.5 fixes the problem; all users are advised to upgrade. Other bugs, including an issue that caused the application to crash, have also been fixed.
summary:
- Pidgin IM client update fixes buffer overflow vulnerability
+ (CVE-2012-3374) <pidgin-2.10.5: MXit buffer overflow

Changed in gentoo:
importance: Unknown → Medium

Changed in gentoo:
importance: Medium → High

Changed in pidgin:
status: Unknown → Fix Released

Changed in gentoo:
status: Unknown → Fix Released

Changed in pidgin (Fedora):
importance: Unknown → Medium
status: Unknown → Fix Released

A stack-based buffer overwrite flaw was found in the way the MXit protocol plug-in implementation of libPurple, the core of an instant messaging program such as Pidgin, replaced certain custom emoticon tags with corresponding image tags by processing received RX message data, prior to returning the instant message to the user interface for its presentation to the user. A remote attacker could provide an RX message with specially-crafted emoticon tags that, when processed by libPurple's MXit protocol plug-in in an application linked against libPurple, could lead to that application's crash or, potentially, arbitrary code execution with the privileges of the user running the application.
Upstream ticket (private for now):
[1] http://pidgin.im/news/security/?id=64

Patch for the problem and tarballs for v2.10.5 are available here:
[2] http://pidgin.im/~markdoliner/lkFja97sFw89/
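
The bug class described in the comment above (emoticon tags rewritten into longer image tags inside a fixed-size buffer), shown as a bounds-checked routine. This is an added example, not libpurple's code or the upstream patch; the `<EMO=id>` tag syntax, `MAX_ID` and `expand_emoticons` are hypothetical names chosen for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical tag syntax and limit, for illustration; not libpurple's. */
#define TAG_OPEN "<EMO="
#define MAX_ID   32

/*
 * Expand each "<EMO=id>" in `in` to "<img id=\"id\">" in `out`.
 * Every tag makes the output longer than the input, so `out` cannot be
 * sized from the input length; each write is checked against `cap`.
 * Returns bytes written (excluding NUL), or -1 if the result does not
 * fit or a tag is malformed. On failure `out` is an empty string.
 */
int expand_emoticons(const char *in, char *out, size_t cap)
{
    size_t used = 0, open_len = strlen(TAG_OPEN);
    if (cap == 0)
        return -1;
    out[0] = '\0';
    while (*in) {
        if (strncmp(in, TAG_OPEN, open_len) == 0) {
            const char *id = in + open_len;
            const char *end = strchr(id, '>');
            size_t idlen = end ? (size_t)(end - id) : 0;
            if (idlen == 0 || idlen > MAX_ID)
                goto fail;                 /* unterminated, empty or huge */
            for (size_t i = 0; i < idlen; i++)
                if (!isalnum((unsigned char)id[i]))
                    goto fail;             /* keep quotes out of the attribute */
            int n = snprintf(out + used, cap - used,
                             "<img id=\"%.*s\">", (int)idlen, id);
            if (n < 0 || (size_t)n >= cap - used)
                goto fail;                 /* would have been truncated */
            used += (size_t)n;
            in = end + 1;
        } else {
            if (used + 1 >= cap)
                goto fail;                 /* no room for byte plus NUL */
            out[used++] = *in++;
            out[used] = '\0';
        }
    }
    return (int)used;
fail:
    out[0] = '\0';
    return -1;
}
```

A 14-byte input holding two tags expands to 24 bytes, so a destination sized to the input would be overrun by an unchecked copy; here the call returns -1 instead.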