[Pidgin] #15289: exchndl.dll issues

Pidgin trac at pidgin.im
Sun Aug 26 00:56:55 EDT 2012

#15289: exchndl.dll issues
 Reporter:  ioerror          |     Owner:  datallah
     Type:  defect           |    Status:  new     
Component:  winpidgin (gtk)  |   Version:  2.10.6  
 Keywords:  security         |  
 exchndl.dll is shipped with the Windows pidgin (
 I think the source for that dll is from

 I did a quick audit and in general, it appears that it has a few issues.

 CVE-2010-x+n seems to (  http://blog.zoller.lu/2010/08/cve-2010-xn-
 loadlibrarygetprocaddress.html ) apply. Specifically, it looks like (
 http://www.exploit-db.com/exploits/14741/ ) a specifically crafted DLL
 could really screw things up at crash time (
 http://www.securityfocus.com/bid/1699/discuss http://msdn.microsoft.com
 /en-us/library/ms684175%28VS.85%29.aspx ). It might even be possible

Ticket URL: <http://developer.pidgin.im/ticket/15289>
Pidgin <http://pidgin.im>

More information about the Tracker mailing list