*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: pidgin CVE-2008-2927 is a remote buffer overflow vulnerability in the MSN protocol handler. Apparently it can lead to arbitrary code execution. It's not yet in the public vulnerability databases, so please see the Debian bug for reference: <http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=488632>. I think it is the same issue as described in this Bugtraq post <http://www.securityfocus.com/archive/1/493682/30/60/threaded>. ** Affects: pidgin (Ubuntu) Importance: Undecided Status: New ** Affects: pidgin (Debian) Importance: Unknown Status: New ** Affects: pidgin (Fedora) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** Bug watch added: Debian Bug tracker #488632 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488632 ** Also affects: pidgin (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488632 Importance: Unknown Status: Unknown ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-2927 -- [CVE-2008-2927] MSN integer overflow in Pidgin https://bugs.launchpad.net/bugs/245770 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs