PublicDate: 2009-05-26 15:30:00 UTC
Candidate: CVE-2009-1373
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373
 https://ubuntu.com/security/notices/USN-781-2
 https://ubuntu.com/security/notices/USN-781-1
Description:
 Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly
 Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary
 code via vectors involving an outbound XMPP file transfer.  NOTE: some of
 these details are obtained from third party information.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/bugs/384222
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_pidgin:
 upstream: http://developer.pidgin.im/viewmtn/revision/info/8331e31aeb0f14ac9b94a06bea4353bd9a01ba5a
upstream_pidgin: released (2.5.6)
dapper_pidgin: DNE
feisty_pidgin: DNE
hardy_pidgin: released (1:2.4.1-1ubuntu2.4)
intrepid_pidgin: released (1:2.5.2-0ubuntu1.2)
jaunty_pidgin: released (1:2.5.5-1ubuntu8.1)
devel_pidgin: not-affected (1:2.5.6-1ubuntu1)

Patches_gaim:
upstream_gaim: released (2.5.6)
dapper_gaim: released (1:1.5.0+1.5.1cvs20051015-1ubuntu10.2)
gutsy_gaim: DNE
hardy_gaim: DNE
intrepid_gaim: DNE
jaunty_gaim: DNE
devel_gaim: DNE