Pidgin < 2.9.0 gdk_pixbuf__gif_image_load() Denial of Service

Medium Nessus Plugin ID 55436


An instant messaging client installed on the remote Windows host is affected by a denial of service vulnerability.


The version of Pidgin installed on the remote host is earlier than 2.9.0. As such, it is potentially affected by a denial of service vulnerability.

The function 'gdk_pixbuf__gif_image_load' contains an error that allows a crafted GIF image file, when used as a buddy image, to exhaust memory and ultimately terminate the process.


Upgrade to Pidgin 2.9.0 or later.

Plugin Details

Severity: Medium

ID: 55436

File Name: pidgin_2_9_0.nasl

Version: 1.5

Type: local

Agent: windows

Family: Windows

Published: 2011/06/27

Updated: 2018/07/24

Dependencies: 34205

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:pidgin:pidgin

Required KB Items: SMB/Pidgin/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/06/23

Vulnerability Publication Date: 2011/06/24

Reference Information

CVE: CVE-2011-2485

BID: 48425

Secunia: 45037