Pidgin Security Advisory
| Title | Out-of-bounds write when stripping xml |
|---|---|
| Date | 2017-03-09 |
| CVE Name | CVE 2017-2640 |
| Discovered By | Joseph Bisch |
| Description | An out-of-bounds write when invalid xml is sent by a malicious server |
| Fixed in Revision | b2fc9e774cb9 |
| Fixed in Version | 2.12.0 |
| Fix | Only decode HTML entities that are well formed |
