PublicDateAtUSN: 2013-02-16
Candidate: CVE-2013-0273
PublicDate: 2013-02-16 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273
 http://pidgin.im/news/security/?id=67
 https://ubuntu.com/security/notices/USN-1746-1
Description:
 sametime.c in the Sametime protocol plugin in libpurple in Pidgin before
 2.10.7 does not properly terminate long user IDs, which allows remote
 servers to cause a denial of service (application crash) via a crafted
 packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_pidgin:
 upstream: http://hg.pidgin.im/pidgin/main/rev/c31cf8de31cd
upstream_pidgin: released (2.10.6-3, 2.10.7)
hardy_pidgin: ignored (reached end-of-life)
lucid_pidgin: released (1:2.6.6-1ubuntu4.6)
oneiric_pidgin: released (1:2.10.0-0ubuntu2.2)
precise_pidgin: released (1:2.10.3-0ubuntu1.3)
quantal_pidgin: released (1:2.10.6-0ubuntu2.2)
devel_pidgin: not-affected (1:2.10.7-0ubuntu1)