Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2955 to the following vulnerability: Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function. References: http://www.securityfocus.com/archive/1/archive/1/493682/100/0/threaded http://secunia.com/advisories/30881 http://www.frsirt.com/english/advisories/2008/1947
upstream bug: http://developer.pidgin.im/ticket/6246
Upstream advisory: http://www.pidgin.im/news/security/?id=26 Fixed upstream in: 2.4.3