Ubuntu Update For Pidgin USN-1273-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1273-1

Solution

Please Install the Updated Packages.

Insight

Marius Wachtler discovered that Pidgin incorrectly handled malformed YMSG messages in the Yahoo! protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS and 10.10. (CVE-2011-1091) Marius Wachtler discovered that Pidgin incorrectly handled HTTP 100 responses in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. (CVE-2011-3184) Diego Bauche Madero discovered that Pidgin incorrectly handled UTF-8 sequences in the SILC protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. (CVE-2011-3594)

Affected

pidgin on Ubuntu 11.04 , Ubuntu 10.10 , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-November/001489.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1091, CVE-2011-3184, CVE-2011-3594

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for pidgin USN-1273-1

Take action and discover your vulnerabilities