www: bee4ce18: Revise text and include CVE ID.

rekkanoryo at pidgin.im rekkanoryo at pidgin.im
Thu May 13 01:16:30 EDT 2010

Revision: bee4ce187ff1c2bb9be46c0c5554269aca53a201
Ancestor: 710a967a7e7d4f53f20463df82b46a20d3015ce5
Author: rekkanoryo at pidgin.im
Date: 2010-05-13T05:00:57
Branch: im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/bee4ce187ff1c2bb9be46c0c5554269aca53a201

Modified files:


Revise text and include CVE ID.

-------------- next part --------------
--- htdocs/news/security/index.php	a7577041c02562aa7ae93dce6f75837a19c986fc
+++ htdocs/news/security/index.php	f623910b5518ccc1c0a34ace083548cbc908ea8f
@@ -491,7 +491,7 @@ $vulnerabilities = array(
 		"title"        => "MSN emoticon denial of service",
 		"date"         => "2010-05-12",
-		"cve"          => "",
+		"cve"          => "CVE-2010-1624",
 		"summary"      => "Libpurple clients can crash due to malformed SLP message",
 		"description"  => "A vulnerability was discovered in libpurple's MSN protocol plugin that can cause a denial of service (crash) due to insufficient validation of certain SLP packets related to custom emoticons.  An attacker could use this vulnerability to remotely crash a client using libpurple for MSN.  It is not possible for this vulnerability to be exploited for code execution.  As a workaround, disabling custom emoticons on MSN accounts will prevent the vulnerability.",
 		"fix"          => "Validation has been added to the MSN plugin to prevent the crash.",

More information about the Commits mailing list