PT-2009-1053 · Pidgin+1 · Libpurple+4

Josh Bressers · Published 2009-05-22 · Updated 2017-09-29 · CVE-2009-1374

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Pidgin versions prior to 2.5.6
libpurple-tcl versions prior to 2.5.6
libpurple-devel versions prior to 2.5.6
libpurple versions prior to 2.5.6

Description

The issue is a buffer overflow in the decrypt_out function, which allows remote attackers to cause a denial of service, resulting in an application crash. Multiple vulnerabilities in the libpurple package may lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations

Pidgin versions prior to 2.5.6: update to version 2.5.6 or later.
libpurple-tcl versions prior to 2.5.6: update to version 2.5.6 or later.
libpurple-devel versions prior to 2.5.6: update to version 2.5.6 or later.
libpurple versions prior to 2.5.6: update to version 2.5.6 or later.

Fix

DoS

Buffer Overflow


Weakness Enumeration

Related identifiers

BDU:2015-06319
BDU:2015-06321
BDU:2015-06323
CVE-2009-1374
RHSA-2009:1060
RHSA-2009_1060

Affected products

Pidgin
Red Hat
Libpurple
Libpurple-Devel
Libpurple-Tcl