Pidgin <= 2.9.0 Remote Code Execution
Evan Schoenberg, M.D.
evan at adium.im
Wed Jul 20 21:38:36 EDT 2011
James,
Thanks very much for the email. This (security at pidgin.im) is the best address to which to direct your report.
Cheers,
Evan
On Jul 20, 2011, at 8:36 PM, James Burton wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> To Whom This May Concern,
>
> My name is James Burton & I am a security researcher for Insomnia
> Security, New Zealand. I would like to report a security vulnerability
> in the latest version of Pidgin that can lead to remote code execution
> under the context of the user running the application. Could I please
> have the email/contact info for the person best suited to deal with this
> issue.
>
> Warm Regards
>
> - --
>
> James Burton
>
> Insomnia Security
> http://www.insomniasec.com
>
> - -
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.12 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk4ngq0ACgkQZz0ikCLaZMOL+gCeKMfv7lYsh7fXFNRRJ03FwutJ
> T6AAoIbfwZu7bSmS5uggwa+pgKrRJYFE
> =DGaS
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> security mailing list
> security at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/security
More information about the security
mailing list