oss-sec mailing list archives
CVE request: Pidgin crash
From: Mark Doliner <mark () kingant net>
Date: Sat, 20 Aug 2011 10:59:50 -0700
Hi! Would it be possible to issue a CVE for a new crash in Pidgin? "Certain characters in the nicknames of IRC users can trigger a null pointer dereference in the IRC protocol plugin's handling of responses to WHO requests. This can cause a crash on some operating systems. Clients based on libpurple 2.8.0 through 2.9.0 are affected." http://pidgin.im/news/security/?id=53 The crash was discovered by Djego Ibanez. Thanks, Mark
Current thread:
- CVE request: Pidgin crash Mark Doliner (Aug 20)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 21)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 22)
- Re: CVE request: Pidgin crash Mark Doliner (Aug 22)
- Re: CVE request: Pidgin crash Mark Doliner (Aug 22)
- Re: CVE request: Pidgin crash Moritz Mühlenhoff (Aug 22)
- Re: CVE request: Pidgin crash Mark Doliner (Aug 22)
- Re: CVE request: Pidgin crash Josh Bressers (Aug 22)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 22)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 21)