Описание
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
A denial of service flaw was found in the way Pidgin's Mxit plug-in handled emoticons. A malicious remote server or a man-in-the-middle attacker could potentially use this flaw to crash Pidgin by sending a specially crafted emoticon.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | pidgin | Will not fix | ||
| Red Hat Enterprise Linux 6 | pidgin | Will not fix | ||
| Red Hat Enterprise Linux 7 | pidgin | Fixed | RHSA-2017:1854 | 01.08.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
5 Medium
CVSS2
Связанные уязвимости
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.1 ...
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
EPSS
4.3 Medium
CVSS3
5 Medium
CVSS2