Pidgin X-Status NULL Pointer Denial of Service
Medium Nessus Plugin ID 47802
SynopsisAn instant messaging client installed on the remote Windows host is affected by a denial of service vulnerability.
DescriptionThe version of Pidgin installed on the remote host is earlier than 2.7.2. Such versions have a denial of service vulnerability when processing a malformed X-Status message due to a reference to a NULL pointer in the oscar protocol plugin.
SolutionUpgrade to Pidgin 2.7.2 or later.