Pidgin Security Advisory
| Title | MSN malformed SLP message crash |
|---|
| Date | 2010-02-18 |
|---|
| CVE Name | CVE-2010-0277 |
|---|
| Discovered By | Fabian Yamaguchi |
|---|
| Summary | Failure to validate all fields of an incoming message can trigger a crash |
|---|
| Description | Certain malformed SLP messages can trigger a crash because the MSN protocol plugin fails to check that all pieces of the message are set correctly. |
|---|
| Fixed in Revision | 9a3f73531905 |
|---|
| Fixed in Version | 2.6.6 |
|---|
| Fix | Validate input before attempting to handle the message. |
|---|
Return to Security Advisory Index
