KLA10781
Code execution vulnerability in pidgin-otr plugin.
Обновлено: 17/06/2019
Дата обнаружения
11/04/2016
Уровень угрозы
Critical
Описание

Use-after-free vulnerability was found in Off-the-Record Messaging (OTR) pidgin-otr plugin. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via vectors related to the «Authenticate buddy» menu item.


Technical details

This vulnerability is in the create_smp_dialog function in gtk-dialog.c and related to the «Authenticate buddy» menu item.

Пораженные продукты

Off-the-Record Messaging (OTR) pidgin-otr plugin versions earlier 4.0.2

Решение

Update to the latest version
Download page with latest version of pidgin-otr plugin

Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Pidgin
CVE-IDS
CVE-2015-883310.0Critical