Pidgin is vulnerable to denial of service (DoS). The vulnerability exists in Pidgin's QQ protocol decryption handler. When the QQ protocol decrypts packet information, heap data can be overwritten, possibly causing Pidgin to crash.
secunia.com/advisories/35188
secunia.com/advisories/35194
secunia.com/advisories/35202
secunia.com/advisories/35294
secunia.com/advisories/35329
www.gentoo.org/security/en/glsa/glsa-200905-07.xml
www.mandriva.com/security/advisories?name=MDVSA-2009:173
www.pidgin.im/news/security/?id=30
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-1060.html
www.securityfocus.com/bid/35067
www.ubuntu.com/usn/USN-781-1
www.vupen.com/english/advisories/2009/1396
access.redhat.com/errata/RHSA-2009:1060
bugzilla.redhat.com/show_bug.cgi?id=500490
exchange.xforce.ibmcloud.com/vulnerabilities/50684
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11654
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18201
www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html