CVE-2010-3711

描述

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.

受影響套件(1)

• Debian/pidginfrom 0, < 2.7.4-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3711