Pidgin MSN SLP Packets Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

This host has Pidgin installed and is prone to Denial of Service vulnerability.

Impact

Attackers can exploit this issue to execute arbitrary code, corrupt memory and cause the application to crash. Impact Level: Application

Solution

Upgrade to Pidgin version 2.5.9 http://pidgin.im/download

Insight

An error in the 'msn_slplink_process_msg()' function while processing malformed MSN SLP packets which can be exploited to overwrite of an arbitrary memory location.

Affected

Pidgin version prior to 2.5.9 on Windows.

References

http://secunia.com/advisories/36384
http://www.pidgin.im/news/security/?id=34
http://www.vupen.com/english/advisories/2009/2303

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2694
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

GoodTech SSH Server SFTP Multiple BOF Vulnerabilities
Cogent DataHub Multiple Vulnerabilities
Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Windows)
ClamAV Multiple Vulnerabilities (Win)
Adobe Reader Denial of Service Vulnerability (May09)

Take action and discover your vulnerabilities