BitlBee prior to 3.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitlbee bitlbee-libpurple |
||
bitlbee bitlbee |