Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously.
A flaw was found in the way the Pidgin MSN protocol plug-in processed text
that was not encoded in UTF-8. A remote attacker could use this flaw to
crash Pidgin by sending a specially-crafted MSN message. (CVE-2012-1178)
An input validation flaw was found in the way the Pidgin MSN protocol
plug-in handled MSN notification messages. A malicious server or a remote
attacker could use this flaw to crash Pidgin by sending a specially-crafted
MSN notification message. (CVE-2012-2318)
A buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A
remote attacker could use this flaw to crash Pidgin by sending a MXit
message containing specially-crafted emoticon tags. (CVE-2012-3374)
Red Hat would like to thank the Pidgin project for reporting the
CVE-2012-3374 issue. Upstream acknowledges Ulf Harnhammar as the original
reporter of CVE-2012-3374.
All Pidgin users should upgrade to these updated packages, which contain
backported patches to resolve these issues. Pidgin must be restarted for
this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | i686 | pidgin | <Β 2.7.9-5.el6.2 | pidgin-2.7.9-5.el6.2.i686.rpm |
RedHat | 6 | ppc64 | finch | <Β 2.7.9-5.el6.2 | finch-2.7.9-5.el6.2.ppc64.rpm |
RedHat | 6 | i686 | libpurple-perl | <Β 2.7.9-5.el6.2 | libpurple-perl-2.7.9-5.el6.2.i686.rpm |
RedHat | 6 | ppc | finch-devel | <Β 2.7.9-5.el6.2 | finch-devel-2.7.9-5.el6.2.ppc.rpm |
RedHat | 5 | i386 | libpurple-perl | <Β 2.6.6-11.el5.4 | libpurple-perl-2.6.6-11.el5.4.i386.rpm |
RedHat | 5 | i386 | pidgin | <Β 2.6.6-11.el5.4 | pidgin-2.6.6-11.el5.4.i386.rpm |
RedHat | 6 | ppc | libpurple-devel | <Β 2.7.9-5.el6.2 | libpurple-devel-2.7.9-5.el6.2.ppc.rpm |
RedHat | 5 | i386 | libpurple | <Β 2.6.6-11.el5.4 | libpurple-2.6.6-11.el5.4.i386.rpm |
RedHat | 6 | x86_64 | finch-devel | <Β 2.7.9-5.el6.2 | finch-devel-2.7.9-5.el6.2.x86_64.rpm |
RedHat | 6 | ppc64 | finch-devel | <Β 2.7.9-5.el6.2 | finch-devel-2.7.9-5.el6.2.ppc64.rpm |