Denial of Service Vulnerability in libpurple in Pidgin before 2.7.4

Denial of Service Vulnerability in libpurple in Pidgin before 2.7.4

CVE-2010-3711 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.

Learn more about our User Device Pen Test.