CVE-2008-2955
EPSS 17.7%
Description
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
How to fix CVE-2008-2955
To remediate CVE-2008-2955, upgrade the affected package to a fixed version below.
- Debian/pidgin—upgrade to 2.4.3-1 or later
Is CVE-2008-2955 being exploited?
Moderate — EPSS is 17.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.4.3-1