Mandriva Update For Pidgin MDVSA-2012:105 (pidgin) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been discovered and corrected in pidgin: Incorrect handing of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code (CVE-2012-3374). This update provides pidgin 2.10.6, which is not vulnerable to this issue.

Affected

pidgin on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-3374
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:159 (mysql)
Mandrake Security Advisory MDVSA-2009:143 (netpbm)
Mandrake Security Advisory MDVSA-2009:050 (python-pycrypto)
Mandrake Security Advisory MDVSA-2009:012 (mozilla-thunderbird)
Mandrake Security Advisory MDVSA-2009:128 (libmodplug)

Mandriva Update for pidgin MDVSA-2012:105 (pidgin)

Take action and discover your vulnerabilities