Your submission was sent successfully! Close

CVE-2013-6487

Published: 3 February 2014

Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.

Priority

Medium

Status

Package Release Status
libgadu
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (1:1.11.1-1ubuntu0.1)
quantal
Released (1:1.11.2-1ubuntu0.12.10.1)
saucy
Released (1:1.11.2-1ubuntu1.1)
upstream
Released (1:1.11.3-1)
pidgin
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (1:2.10.3-0ubuntu1.4)
quantal
Released (1:2.10.6-0ubuntu2.3)
saucy
Released (1:2.10.7-0ubuntu4.1.13.10.1)
upstream
Released (2.10.8-1)