CVE-2009-1373

Description

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information.

How to fix CVE-2009-1373

To remediate CVE-2009-1373, upgrade the affected package to a fixed version below.

• Debian/pidgin—upgrade to 2.5.6-1 or later

Is CVE-2009-1373 being exploited?

Moderate — EPSS is 8.4%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 2.5.6-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2009-1373