Pidgin Security Advisory
| Title | NULL pointer dereference in parsing invalid HTML |
|---|
| Date | 2007-10-24 |
|---|
| CVE Name | CVE-2007-4999 |
|---|
| Discovered By | Jeffrey Rosen |
|---|
| Summary | Receiving invalid HTML can cause libpurple 2.1.0 through 2.2.1 to crash |
|---|
| Description | A remote user can cause a denial of service (crash) by sending a message with invalid HTML. It is believed that this crash can be triggered only when using HTML logging. |
|---|
| Fixed in Version | 2.2.2 |
|---|
| Fix | The affected function has been patched to fix the vulnerability. |
|---|
Return to Security Advisory Index
