PDA

View Full Version : USN-548-1: Pidgin vulnerability



rss-bot
November 29th, 2007, 04:20 AM
Referenced CVEs:
CVE-2007-4999


Description:
================================================== ========= Ubuntu Security Notice USN-548-1 November 28, 2007 pidgin vulnerability CVE-2007-4999 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: libpurple0 1:2.2.1-1ubuntu4.1 After a standard system upgrade you need to restart Pidgin to effect the necessary changes. Details follow: It was discovered that Pidgin did not correctly handle certain logging events. A remote attacker could send specially crafted messages and cause the application to crash, leading to a denial of service.





More... (http://www.ubuntu.com/usn/usn-548-1)