Pidgin Security Advisory
| Title | MSN malformed SLP message overflow |
|---|
| Date | 2008-07 |
|---|
| CVE Name | CVE-2008-2927 |
|---|
| Discovered By | Anonymous (via TippingPoint's Zero Day Initiative) |
|---|
| Summary | Malformed SLP messages can cause a buffer overflow |
|---|
| Description | Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in libpurple allow remote attackers to execute arbitrary code via a malformed SLP message. |
|---|
| Fixed in Version | 2.4.3 |
|---|
| Fix | The affected function has been patched to fix the vulnerability. |
|---|
Return to Security Advisory Index
