Solution
Please Install the Updated Packages.
Insight
pidgin was updated to fix security issues:
- Fix a crash when receiving UPnP responses with abnormally long values. (CVE-2013-0274)
- Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. (CVE-2013-0273)
- Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted data that could overflow a buffer and lead to a crash or remote code execution.(CVE-2013-0272)
- Fix a bug where a remote MXit user could possibly specify a local file path to be written to. (CVE-2013-0271)
Affected
pidgin on openSUSE 12.1
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities