PT-2010-3291 · Pidgin

Published: 2010-05-14 · Updated: 2023-03-31 · CVE-2010-1624

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Pidgin versions prior to 2.7.0

Description

The issue allows remote authenticated users to cause a denial of service (a NULL pointer dereference followed by an application crash) by sending a custom emoticon in a malformed SLP message.

Recommendations

Update Pidgin to version 2.7.0 or later to resolve the issue. As a temporary workaround, consider disabling the use of custom emoticons in SLP messages until a patch is available. Restrict access to the MSN protocol plugin to minimize the risk of exploitation.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2010-1624
OPENSUSE-SU-2024:10432-1
RHSA-2010:0788
RHSA-2010_0788

Affected Products

Pidgin
Red Hat