Pidgin · Libpurple · CVE-2013-6484
**Name of the Vulnerable Software and Affected Versions**
Pidgin versions prior to 2.10.8
**Description**
The issue is related to the STUN protocol implementation in libpurple. It allows remote STUN servers to cause a denial of service by triggering a socket read error, leading to an out-of-bounds write operation and application crash. This can be exploited by a remote attacker to manipulate software sockets and cause a denial of service.
**Recommendations**
For versions prior to 2.10.8, update to version 2.10.8 or later to resolve the issue. As a temporary workaround, consider restricting access to remote STUN servers to minimize the risk of exploitation.