PublicDateAtUSN: 2013-02-16
Candidate: CVE-2013-0272
PublicDate: 2013-02-16 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272
 http://pidgin.im/news/security/?id=66
 https://ubuntu.com/security/notices/USN-1746-1
Description:
 Buffer overflow in http.c in the MXit protocol plugin in libpurple in
 Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a
 long HTTP header.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS: 

Patches_pidgin:
 upstream: http://hg.pidgin.im/pidgin/main/rev/879db2a9a59c
upstream_pidgin: released (2.10.6-3, 2.10.7)
hardy_pidgin: ignored (reached end-of-life)
lucid_pidgin: released (1:2.6.6-1ubuntu4.6)
oneiric_pidgin: released (1:2.10.0-0ubuntu2.2)
precise_pidgin: released (1:2.10.3-0ubuntu1.3)
quantal_pidgin: released (1:2.10.6-0ubuntu2.2)
devel_pidgin: not-affected (1:2.10.7-0ubuntu1)