Pidgin Security Advisory
| Title | MSN malformed SLP message overflow |
|---|
| Date | 2009-05-02 |
|---|
| CVE Name | CVE-2009-1376 |
|---|
| Discovered By | Loc VALBON (via TippingPoint's Zero Day Initiative) |
|---|
| Summary | Malformed SLP messages can cause a buffer overflow |
|---|
| Description | The previous fix to CVE-2008-2927 was deemed incomplete. The size check improperly cast an uint64 to size_t which can cause an integer overflow, rendering the check useless. |
|---|
| Fixed in Version | 2.5.6 |
|---|
| Fix | The proper variable type is now used when doing size comparison. Additionally, the malformed message is now properly discarded. |
|---|
Return to Security Advisory Index
