Arbitrary Program Execution via File: URL in Pidgin on Windows

Arbitrary Program Execution via File: URL in Pidgin on Windows

CVE-2011-3185 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.

Learn more about our User Device Pen Test.