libpurple in Pidgin prior to 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote malicious users to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pidgin pidgin 2.2.0 |