[Pidgin] #11076: msn emoticon request leads to file disclosure
Pidgin
trac at pidgin.im
Sun Jan 3 17:45:03 EST 2010
#11076: msn emoticon request leads to file disclosure
---------------------+------------------------------------------------------
Reporter: aatdark | Owner: khc
Type: defect | Status: new
Component: MSN | Version: 2.6.4
Keywords: |
---------------------+------------------------------------------------------
as mentioned in a 36C3 speech the following 0-Day exploit has been
detected:
An attacker can request all files readable by the user executing the
program with sending an faked emoticon request.
I'm not quit familar with msn protocol so please check out this part of
his speech:
http://www.youtube.com/watch?v=0yhDT5ekVoc
(interesting part starting at 5:45
--
Ticket URL: <http://developer.pidgin.im/ticket/11076>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list