CVE-2009-1375
EPSS 5.3%
Description
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol.
How to fix CVE-2009-1375
To remediate CVE-2009-1375, upgrade the affected package to a fixed version below.
- Debian/pidgin—upgrade to 2.5.6-1 or later
Is CVE-2009-1375 being exploited?
Moderate — EPSS is 5.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.5.6-1