CVE-2013-6482

Published: 5 February 2014

Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header.

Priority

Status

Package	Release	Status
pidgin Launchpad, Ubuntu, Debian	lucid	Ignored (reached end-of-life)
	precise	Released (1:2.10.3-0ubuntu1.4)
	quantal	Released (1:2.10.6-0ubuntu2.3)
	saucy	Released (1:2.10.7-0ubuntu4.1.13.10.1)
	upstream	Released (2.10.8)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6482
http://www.pidgin.im/news/security/?id=75
http://www.pidgin.im/news/security/?id=76
http://www.pidgin.im/news/security/?id=77
https://ubuntu.com/security/notices/USN-2100-1
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2013-6482

Medium

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading