CVE-2013-6487

EPSS 3.9%

libgadu - heap-based buffer overflow

發布日:2014/2/6修改日:2026/4/28

也稱為:DEBIAN-CVE-2013-6487

描述

Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.

受影響套件(3)

Debian/libgadufrom 0, < 1:1.11.3-1
Debian/libgadufrom 0, < 1:1.11.2-1+deb7u1
Debian/pidginfrom 0, < 2.10.8-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-6487