CVE-2011-3184

Name of the Vulnerable Software and Affected Versions Pidgin versions prior to 2.10.0

Description The issue is related to the msn httpconn parse data function in the MSN protocol plugin, which does not properly handle HTTP 100 responses. This allows remote attackers to cause a denial of service, resulting in incorrect memory access and application crash, via crafted server messages.

Recommendations For versions prior to 2.10.0, update to version 2.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the MSN protocol plugin until the update is applied.