Pidgin MXit Message Parsing Buffer Overflow Vulnerability (Windows) Network Vulnerability

Summary

This host has installed with Pidgin and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to cause a stack-based buffer overflow via a specially crafted RX message which may lead to the execution of arbitrary code in the context of the application or to denial-of-service. Impact Level: System/Application

Solution

Upgrade to Pidgin version 2.10.5 or later, For updates refer to http://pidgin.im/download

Insight

A boundary error within the 'mxit_show_message()' function, when parsing incoming instant messages containing inline images.

Affected

Pidgin version prior to 2.10.5 on Windows

References

http://hg.pidgin.im/pidgin/main/rev/ded93865ef42
http://secunia.com/advisories/49831/
http://www.osvdb.org/show/osvdb/83605
http://www.pidgin.im/news/security/index.php?id=64

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3374
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
BS.Player '.bsl' File Buffer Overflow Vulnerabilities
BSPlayer Stack Overflow Vulnerability BLS
Blazevideo HDTV Player PLF File Buffer Overflow Vulnerability
ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities