Ubuntu USN-796-1 (pidgin) Network Vulnerability

Summary

The remote host is missing an update to pidgin announced via advisory USN-796-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: pidgin 1:2.4.1-1ubuntu2.5 Ubuntu 8.10: pidgin 1:2.5.2-0ubuntu1.3 Ubuntu 9.04: pidgin 1:2.5.5-1ubuntu8.3 After a standard system upgrade you need to restart Pidgin to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-796-1

Insight

Yuriy Kaminskiy discovered that Pidgin did not properly handle certain messages in the ICQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash.

Severity

Classification

CVE CVE-2009-1889
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for clamav vulnerability USN-684-1
Ubuntu Update for clamav USN-1179-1
Ubuntu Update for curl USN-2058-1
Ubuntu Update for curl USN-2399-1
Ubuntu Update for bzip2 vulnerability USN-590-1

Take action and discover your vulnerabilities