Jump to:

CVE-2017-2640

Jump to:

CVE-2017-2640

Package pidgin updated to version 2.12.0-alt1 for branch sisyphus in task 179454.

Published: 2018-07-27
Modified: 2024-11-21

CVE-2017-2640

An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

96775
96775
RHSA-2017:1854
RHSA-2017:1854
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2640
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2640
GLSA-201706-10
GLSA-201706-10
DSA-3806
DSA-3806

Version: 2.1.0

Package pidgin update in sisyphus on 2017-03-13

ALT-PU-2017-1275-1

Closed vulnerabilities

CVE-2017-2640