Pidgin · Libpurple · CVE-2013-6477
**Name of the Vulnerable Software and Affected Versions**
Pidgin versions prior to 2.10.8
**Description**
The issue is caused by multiple integer signedness errors in libpurple, allowing remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by sending a crafted timestamp value in an XMPP message.
**Recommendations**
For versions prior to 2.10.8, update to version 2.10.8 or later to resolve the issue.