Mandriva Update For Pidgin MDVSA-2012:105 (pidgin) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been discovered and corrected in pidgin: Incorrect handing of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code (CVE-2012-3374). This update provides pidgin 2.10.6, which is not vulnerable to this issue.

Affected

pidgin on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-3374

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:131-1 (apr-util)
Mandrake Security Advisory MDVSA-2009:093 (mpg123)
Mandrake Security Advisory MDVSA-2009:049-1 (pycrypto)
Mandrake Security Advisory MDVSA-2009:135 (kernel)
Mandrake Security Advisory MDVSA-2009:083 (mozilla-thunderbird)

Mandriva Update for pidgin MDVSA-2012:105 (pidgin)

Take action and discover your vulnerabilities