libpurple

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description IM library extracted from Pidgin
Version 2.13.0-4 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-226 2.11.0-2 2.12.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2017-2640 AVG-226 High Yes Arbitrary code execution
An out-of-bounds write has been found in libpurple < 2.12.0 in the purple_markup_unescape_entity function. This issue can be triggered by a malicious server...

Advisories

Date Advisory Group Severity Description
21 Mar 2017 ASA-201703-18 AVG-226 High arbitrary code execution