DescriptionHuzaifa S. Sidhpurwala
2014-01-24 08:59:15 UTC
A Heap-based buffer overflow was found in the way MXit protocol plugin of pidgin parsed emoticons. A malicious server could provide a specially crafted emoticon value, which could cause an integer overflow leading to a buffer overflow. This could cause pidgin to crash or possibly execute arbitrary code with the permissions of the user running pidgin.
Acknowledgements:
Red Hat would like to thank the Pidgin project for reporting this issue. Upstream acknowledges Yves Younan and Pawel Janic of Sourcefire VRT as the original reporters of this issue.
Comment 1Huzaifa S. Sidhpurwala
2014-01-27 06:28:08 UTC