{"id":"MGASA-2014-0034","summary":"Updated pidgin package fixes security vulnerabilities","details":"Many places in the Yahoo! protocol plugin assumed incoming strings were\nUTF-8 and failed to transcode from non-UTF-8 encodings. This can lead to a\ncrash  when receiving strings that aren't UTF-8 (CVE-2012-6152).\n\nA remote XMPP user can trigger a crash on some systems by sending a\nmessage with a timestamp in the distant future (CVE-2013-6477).\n\nlibX11 forcefully exits causing a crash when Pidgin tries to create an\nexceptionally wide tooltip window when hovering the pointer over a long\nURL (CVE-2013-6478).\n\nA malicious server or man-in-the-middle could send a malformed HTTP\nresponse that could lead to a crash (CVE-2013-6479).\n\nThe Yahoo! protocol plugin failed to validate a length field before trying\nto read from a buffer, which could result in reading past the end of the\nbuffer which could cause a crash when reading a P2P message\n(CVE-2013-6481).\n\nNULL pointer dereferences in the MSN protocol plugin due to a malformed\nContent-Length header, or a malicious server or man-in-the-middle sending\na specially crafted OIM data XML response or SOAP response\n(CVE-2013-6482).\n\nThe XMPP protocol plugin failed to ensure that iq replies came from the\nperson they were sent to. A remote user could send a spoofed iq reply and\nattempt to guess the iq id. This could allow an attacker to inject fake\ndata or trigger a null pointer dereference (CVE-2013-6483).\n\nIncorrect error handling when reading the response from a STUN server\ncould lead to a crash (CVE-2013-6484).\n\nA malicious server or man-in-the-middle could cause a buffer overflow by\nsending a malformed HTTP response with chunked Transfer-Encoding with\ninvalid chunk sizes (CVE-2013-6485).\n\nA malicious server or man-in-the-middle could send a large value for\nContent-Length and cause an integer overflow which could lead to a buffer\noverflow in Gadu-Gadu HTTP parsing (CVE-2013-6487).\n\nA specially crafted emoticon value could cause an integer overflow which\ncould lead to a buffer overflow in MXit emoticon parsing (CVE-2013-6489).\n\nA Content-Length of -1 could lead to a buffer overflow in SIMPLE header\nparsing (CVE-2013-6490).\n\nA malicious server or man-in-the-middle could trigger a crash in IRC\nargument parsing in libpurple by sending a message with fewer than\nexpected arguments\n(CVE-2014-0020).\n","modified":"2026-04-16T06:23:42.117407209Z","published":"2014-02-05T15:31:44Z","upstream":["CVE-2012-6152","CVE-2013-6477","CVE-2013-6478","CVE-2013-6479","CVE-2013-6481","CVE-2013-6482","CVE-2013-6483","CVE-2013-6484","CVE-2013-6485","CVE-2013-6487","CVE-2013-6489","CVE-2013-6490","CVE-2014-0020"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0034.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12468"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=70"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=71"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=72"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=73"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=74"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=75"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=76"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=77"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=78"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=79"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=80"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=82"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=83"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=84"},{"type":"WEB","url":"http://pidgin.im/news/security/?id=85"},{"type":"WEB","url":"https://developer.pidgin.im/wiki/ChangeLog"}],"affected":[{"package":{"name":"pidgin","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/pidgin?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.10.9-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0034.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}