Back to search
CVE-2015-8833
Published: Apr 8, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-3528
vendor-advisory
x_refsource_DEBIAN
SUSE-SU-2016:0912
vendor-advisory
x_refsource_SUSE
[OTR-users] 20160309 New releases of libotr (4.1.1) and pidgin-otr (4.0.2) available
mailing-list
x_refsource_MLIST
https://bugs.otr.im/issues/128
x_refsource_CONFIRM
https://bugs.otr.im/issues/88
x_refsource_CONFIRM
GLSA-201701-10
vendor-advisory
x_refsource_GENTOO
openSUSE-SU-2016:0878
vendor-advisory
x_refsource_SUSE
[oss-security] 20160309 Re: Heap use after free in Pidgin-OTR plugin
mailing-list
x_refsource_MLIST
84295
vdb-entry
x_refsource_BID
[oss-security] 20160309 Heap use after free in Pidgin-OTR plugin
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now