Red Hat Security Advisory 2014-0139-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin. A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin.
02c189bcb1976a4f4f88111e98a6e444bb4d4b7b3022798749683cfa0197b660