Launchpad CVE tracker

CVE 2009-3615

The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.

Related bugs and status

CVE-2009-3615 (Candidate) is related to these bugs:

Bug #494002: [hardy] Failing to connect to MSN with 'protocol is not supported' error

		In	Importance	Status
494002	[hardy] Failing to connect to MSN with 'protocol is not supported' error	pidgin (Ubuntu)	Undecided	Fix Released
494002	[hardy] Failing to connect to MSN with 'protocol is not supported' error	Pidgin	Unknown	Unknown
494002	[hardy] Failing to connect to MSN with 'protocol is not supported' error	pidgin (Debian)	Unknown	Fix Released

Bug #501089: Security problem allows to remotely read user files (MSN protocol)

Summary				In	Importance	Status
	501089	Security problem allows to remotely read user files (MSN protocol)		pidgin (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-3615

References