Pidgin MSN Custom Smileys File Disclosure Vulnerability (Linux)

Summary
This host has Pidgin installed and is prone to File Disclosure vulnerability
Impact
Attackers can exploit this issue to gain knowledge of sensitive information via directory traversal attacks. Impact Level: Application
Solution
Apply the patch or upgrade to Pidgin version 2.6.5 http://pidgin.im/download http://developer.pidgin.im/viewmtn/revision/info/c64a1adc8bda2b4aeaae1f273541afbc4f71b810 ***** NOTE: Please ignore this warning if the patch is already applied. *****
Insight
This issue is due to an error in 'slp.c' within the 'MSN protocol plugin' in 'libpurple' when processing application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request.
Affected
Pidgin version prior to 2.6.4 on Linux.
References