Pidgin Security Advisory
| Title | XMPP custom smiley parsing bug |
|---|
| Date | 2009-09-03 |
|---|
| CVE Name | CVE-2009-3085 |
|---|
| Discovered By | Florob, Waqas, Paul Aurich and Marcus Lundblad |
|---|
| Summary | XMPP can crash when parsing certain custom smiley responses |
|---|
| Description | The XMPP protocol plugin can crash when attempting to process an error response as a custom smiley. libpurple 2.5.2 through 2.6.1 are vulnerable. Older versions may be vulnerable as well. |
|---|
| Fixed in Revision | 2da956f23839 |
|---|
| Fixed in Version | 2.6.2 |
|---|
| Fix | Handle error iq responses appropriately. |
|---|
Return to Security Advisory Index
