Scientific Linux Security Update : pidgin on SL3.x, SL4.x, SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

CVE-2009-2694 pidgin: insufficient input validation in

Federico Muttis of Core Security Technologies discovered a flaw in
Pidgin's MSN protocol handler. If a user received a malicious MSN
message, it was possible to execute arbitrary code with the
permissions of the user running Pidgin. (CVE-2009-2694)

Pidgin must be restarted for this update to take effect.

See also :

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
Public Exploit Available : true

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60644 ()

Bugtraq ID:

CVE ID: CVE-2009-2694