NULL pointer dereference vulnerability in libpurple's MSN protocol plugin in Pidgin before 2.7.9

NULL pointer dereference vulnerability in libpurple's MSN protocol plugin in Pidgin before 2.7.9

CVE-2010-4528 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnect (aka direct connection) session.

Learn more about our User Device Pen Test.