Bug 732405 (CVE-2011-3184) - CVE-2011-3184 pidgin: Remote crash in MSN protocol plugin
Summary: CVE-2011-3184 pidgin: Remote crash in MSN protocol plugin
Status: CLOSED NOTABUG
Alias: CVE-2011-3184
Product: Security Response
Classification: Other
Component: vulnerability   
(Show other bugs)
Version: unspecified
Hardware: All
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: public=20110820,reported=20110820,sou...
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-08-22 10:36 UTC by Huzaifa S. Sidhpurwala
Modified: 2015-08-19 09:12 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-08-22 10:45:55 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Huzaifa S. Sidhpurwala 2011-08-22 10:36:02 UTC
 A flaw was found in the handling of HTTP 100 responses in the MSN protocol plugin. It can cause the application to attempt to access memory that it does not have access to. This only affects users who have turned on the HTTP connection method for their accounts (it's off by default). This might only be triggerable by a malicious server and not a malicious peer. Remote code execution is not possible.

Reference:
http://pidgin.im/news/security/?id=54

Comment 1 Huzaifa S. Sidhpurwala 2011-08-22 10:45:55 UTC
This flaw requires a malicious MSN server to actually crash the pidgin client.
Also upstream has confirmed that this is crash only and remote code execution is not possible.

Closing this as not a security flaw.

Comment 2 Josh Bressers 2011-08-22 20:09:39 UTC
Statement:

Red Hat does not consider this to be a security flaw. As a malicious MSN server is needed, there are far worlse implications to a user connecting to an untrusted server than a DoS.


Note You need to log in before you can comment on or make changes to this bug.