Format String Vulnerability in Pidgin-OTR Plugin's log_message_cb Function

CVE-2012-2369 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.

Learn more about our Web Application Penetration Testing UK.