Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin prior to 2.4.3 and Adium prior to 1.3 allow remote malicious users to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pidgin pidgin 2.1.0 |
||
pidgin pidgin 2.0.1 |
||
pidgin pidgin 2.2.2 |
||
pidgin pidgin 2.1.1 |
||
pidgin pidgin 2.3.1 |
||
pidgin pidgin 2.0.0 |
||
pidgin pidgin 2.0.2 |
||
pidgin pidgin 2.3.0 |
||
pidgin pidgin 2.4.1 |
||
pidgin pidgin 2.4.0 |
||
pidgin pidgin 2.2.0 |
||
pidgin pidgin |
||
pidgin pidgin 2.2.1 |
||
adium adium 1.0.2 |
||
adium adium 1.1 |
||
adium adium 1.0.1 |
||
adium adium 1.0.5 |
||
adium adium 1.1.2 |
||
adium adium 1.1.3 |
||
adium adium 1.1.4 |
||
adium adium 1.0.4 |
||
adium adium |
||
adium adium 1.0 |
||
adium adium 1.0.3 |
||
adium adium 1.1.1 |