SuSE 11 Security Update : pidgin (SAT Patch Number 2019)
Medium Nessus Plugin ID 44965
The remote SuSE 11 host is missing one or more security updates.
This update of pidgin fixes various security vulnerabilities : - Remote file disclosure vulnerability by using the MSN protocol. (CVE-2010-0013: CVSS v2 Base Score: 4.3 : Path Traversal (CWE-22)) - MSN protocol plugin in libpurple allowed remote attackers to cause a denial of service (memory corruption) at least. (CVE-2010-0277: CVSS v2 Base Score: 4.9 : Resource Management Errors (CWE-399)) - Same nick names in XMPP MUC lead to a crash in finch. (CVE-2010-0420) - A remote denial of service attack (resource consumption) is possible by sending an IM with a lot of smilies in it. (CVE-2010-0423)