Launchpad CVE tracker

CVE 2009-1373

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information.

Related bugs and status

CVE-2009-1373 (Candidate) is related to these bugs:

Bug #382644: Security Vulnerabilities in Pidgin 2.5.5

Summary				In	Importance	Status
	382644	Security Vulnerabilities in Pidgin 2.5.5		pidgin (Ubuntu)	Undecided	Fix Released

Bug #383335: Please update pidgin to fix security vulnerabilities

Summary				In	Importance	Status
	383335	Please update pidgin to fix security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

Bug #384222: Various security issues fixed in pidgin 2.5.6

		In	Importance	Status
384222	Various security issues fixed in pidgin 2.5.6	pidgin (Ubuntu)	Low	Fix Released
384222	Various security issues fixed in pidgin 2.5.6	pidgin (Ubuntu Hardy)	Undecided	Fix Released
384222	Various security issues fixed in pidgin 2.5.6	pidgin (Ubuntu Intrepid)	Undecided	Fix Released
384222	Various security issues fixed in pidgin 2.5.6	pidgin (Ubuntu Jaunty)	Undecided	Fix Released
384222	Various security issues fixed in pidgin 2.5.6	pidgin (Ubuntu Karmic)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-1373

References