Mandriva Update For Pidgin MDVSA-2008:143 (pidgin) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

An integer overflow flaw was found in Pidgin's MSN protocol handler that could allow for the execution of arbitrary code if a user received a malicious MSN message (CVE-2008-2927). In addition, this update provides the ability to use ICQ networks again on Mandriva Linux 2008.0, as in MDVA-2008:103 (updated pidgin for 2008.1). The updated packages have been patched to correct this issue.

Affected

pidgin on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-2927

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:102 (apache)
Mandrake Security Advisory MDVSA-2009:126 (eggdrop)
Mandrake Security Advisory MDVSA-2009:018 (tomcat5)
Mandrake Security Advisory MDVSA-2009:122 (squirrelmail)
Mandrake Security Advisory MDVSA-2009:108 (zsh)

Mandriva Update for pidgin MDVSA-2008:143 (pidgin)

Take action and discover your vulnerabilities