Ubuntu USN-796-1 (pidgin) Network Vulnerability

Summary

The remote host is missing an update to pidgin announced via advisory USN-796-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: pidgin 1:2.4.1-1ubuntu2.5 Ubuntu 8.10: pidgin 1:2.5.2-0ubuntu1.3 Ubuntu 9.04: pidgin 1:2.5.5-1ubuntu8.3 After a standard system upgrade you need to restart Pidgin to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-796-1

Insight

Yuriy Kaminskiy discovered that Pidgin did not properly handle certain messages in the ICQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash.

Severity

Classification

CVE CVE-2009-1889

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for dbus USN-2352-1
Ubuntu Update for cinder USN-2005-1
Ubuntu Update for aptdaemon USN-1414-1
Ubuntu Update for apache2 vulnerability USN-990-2
Ubuntu Update for cups USN-1207-1

Take action and discover your vulnerabilities