Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64
Medium Nessus Plugin ID 60724
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA directory traversal flaw was discovered in Pidgin's MSN protocol implementation. A remote attacker could send a specially crafted emoticon image download request that would cause Pidgin to disclose an arbitrary file readable to the user running Pidgin. (CVE-2010-0013)
These packages upgrade Pidgin to version 2.6.5.
Pidgin must be restarted for this update to take effect.
SolutionUpdate the affected packages.