[Pidgin] #11470: CVE-2008-2956 denial-of-service
Pidgin
trac at pidgin.im
Sun Feb 28 16:45:18 EST 2010
#11470: CVE-2008-2956 denial-of-service
--------------------------+-------------------------------------------------
Reporter: mgilbert | Owner: rekkanoryo
Type: defect | Status: new
Component: unclassified | Version: 2.6.6
Keywords: |
--------------------------+-------------------------------------------------
hi, CVE-2008-2956 was disclosud a couple years ago, but is still open in
pidgin. this is a denial-of-service due to a memory consumption caused by
malformed xml documents [0]. there was a preliminary patch at one point,
but those pages no longer exist [1]. there may be some other useful info
in the debian bug report. thanks.
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2956
[1] http://crisp.cs.du.edu/?q=ca2007-1
[2] http://bugs.debian.org/488632
--
Ticket URL: <http://developer.pidgin.im/ticket/11470>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list