CVE-2012-2369

EPSS 2.0%

pidgin-otr - format string vulnerability

Published: 5/23/2012Modified: 4/28/2026

Also known as:DEBIAN-CVE-2012-2369

Description

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.

Affected packages (2)

Debian/pidgin-otrfrom 0, < 3.2.1-1
Debian/pidgin-otrfrom 0, < 3.2.0-5+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-2369