SuSE Update For Pidgin OpenSUSE-SU-2013:0407-1 (pidgin) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. (CVE-2013-0274) - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. (CVE-2013-0273) - Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted data that could overflow a buffer and lead to a crash or remote code execution.(CVE-2013-0272)

Affected

pidgin on openSUSE 11.4

References

http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00007.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0272, CVE-2013-0273, CVE-2013-0274

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

SLES10: Security update for compat-openssl097g
SLES10: Security update for netpbm
SLES10: Security update for neon
SLES10: Security update for mailman
SLES10: Security update for MySQL

SuSE Update for pidgin openSUSE-SU-2013:0407-1 (pidgin)

Take action and discover your vulnerabilities