Download
| Alert*
[3.4] pidgin: Out-of-bounds write when stripping xml (CVE-2017-2640)
An out-of-bounds write vulnerability was found in purple_markup_unescape_entity. It can be triggered by sending invalid XML entities separated by whitespace, eg "ஸ". In default installation, this can get called only when receiving data from a server. Fixed In Version: pidgin 2.12.0
|