This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
An instant messaging client installed on the remote Windows host is
affected by an information disclosure vulnerability.
The version of Pidgin installed on the remote host is earlier than
2.7.10. Such versions are potentially affected by an information
disclosure vulnerability because the application does not properly
clear certain data structures used in 'libpurple/cipher.c' prior to
freeing. An attacker, exploiting this flaw, could potentially extract
partial information from memory regions freed by libpurple.
See also :
Upgrade to Pidgin 2.7.10 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false