libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2010-10-27 17:00
Updated : 2017-09-18 18:31
NVD link : CVE-2010-3711
Mitre link : CVE-2010-3711
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
pidgin
- pidgin