Mandriva Linux Security Advisory : pidgin (MDVSA-2010:097)
Medium Nessus Plugin ID 46663
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA security vulnerability has been identified and fixed in pidgin :
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message (CVE-2010-1624).
Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.