Candidate: CVE-2009-3084
PublicDate: 2009-09-08 18:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084
 http://www.pidgin.im/news/security/index.php?id=38
Description:
 The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in
 the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin
 before 2.6.2, allows remote attackers to cause a denial of service
 (application crash) via a handwritten (aka Ink) message, related to an
 uninitialized variable and the incorrect "UTF16-LE" charset name.
Ubuntu-Description:
Notes:
Bugs:
 http://developer.pidgin.im/ticket/10048
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_pidgin:
 upstream: http://developer.pidgin.im/viewmtn/revision/info/567e16cbc46168f52482e5ec27626c48e7a5ba95
upstream_pidgin: released (2.6.2)
dapper_pidgin: DNE
hardy_pidgin: not-affected (code not present)
intrepid_pidgin: not-affected (code not present)
jaunty_pidgin: not-affected (code not present)
karmic_pidgin: not-affected (1:2.6.2-1ubuntu2)
devel_pidgin: not-affected (1:2.6.2-1ubuntu2)