Pidgin OTR < 3.2.1 Format String

Critical Nessus Plugin ID 59195


The remote host has an application installed that is affected by a remote format string vulnerability.


The version of Pidgin OTR (Off-the-Record) installed on the remote Windows host is prior to 3.2.1 and is, therefore, affected by a format string vulnerability that could allow a remote attacker to execute arbitrary code on the affected host.


Upgrade to Pidgin OTR 3.2.1 or higher.

See Also

Plugin Details

Severity: Critical

ID: 59195

File Name: pidgin_otr_3_2_1.nasl

Version: $Revision: 1.6 $

Type: local

Agent: windows

Family: Windows

Published: 2012/05/18

Modified: 2017/08/15

Dependencies: 59194

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:otr:pidgin-otr

Required KB Items: SMB/Pidgin_OTR/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/05/16

Vulnerability Publication Date: 2012/05/16

Reference Information

CVE: CVE-2012-2369

BID: 53557

OSVDB: 82124