Pidgin Security Advisory
| Title | IRC crash from malicious server |
|---|
| Date | 2009-09-03 |
|---|
| CVE Name | CVE-2009-2703 |
|---|
| Discovered By | Cristofaro Mune |
|---|
| Summary | A malicious server can send an invalid IRC message which triggers a crash |
|---|
| Description | A specially crafted IRC TOPIC message can trigger a NULL pointer dereference in the IRC protocol plugin's code for handling IRC topics. |
|---|
| Fixed in Revision | 615584769b59 |
|---|
| Fixed in Version | 2.6.2 |
|---|
| Fix | Correctly ignore invalid TOPIC messages sent from the server. |
|---|
Return to Security Advisory Index
