The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle message containing a file: URL that is improperly handled during construction of an explorer.exe command. Successful exploitation allows attackers to execute arbitrary programs.