CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.

Affected Software

Name	Vendor	Start Version	End Version
Adium	Adium	1.3.8 (including)	1.3.8 (including)
Pidgin	Pidgin	*	2.6.5 (including)
Pidgin	Pidgin	2.0.0 (including)	2.0.0 (including)
Pidgin	Pidgin	2.0.1 (including)	2.0.1 (including)
Pidgin	Pidgin	2.0.2 (including)	2.0.2 (including)
Pidgin	Pidgin	2.1.0 (including)	2.1.0 (including)
Pidgin	Pidgin	2.1.1 (including)	2.1.1 (including)
Pidgin	Pidgin	2.2.0 (including)	2.2.0 (including)
Pidgin	Pidgin	2.2.1 (including)	2.2.1 (including)
Pidgin	Pidgin	2.2.2 (including)	2.2.2 (including)
Pidgin	Pidgin	2.3.0 (including)	2.3.0 (including)
Pidgin	Pidgin	2.3.1 (including)	2.3.1 (including)
Pidgin	Pidgin	2.4.0 (including)	2.4.0 (including)
Pidgin	Pidgin	2.4.1 (including)	2.4.1 (including)
Pidgin	Pidgin	2.4.2 (including)	2.4.2 (including)
Pidgin	Pidgin	2.4.3 (including)	2.4.3 (including)
Pidgin	Pidgin	2.5.0 (including)	2.5.0 (including)
Pidgin	Pidgin	2.5.1 (including)	2.5.1 (including)
Pidgin	Pidgin	2.5.2 (including)	2.5.2 (including)
Pidgin	Pidgin	2.5.3 (including)	2.5.3 (including)
Pidgin	Pidgin	2.5.4 (including)	2.5.4 (including)
Pidgin	Pidgin	2.5.5 (including)	2.5.5 (including)
Pidgin	Pidgin	2.5.6 (including)	2.5.6 (including)
Pidgin	Pidgin	2.5.7 (including)	2.5.7 (including)
Pidgin	Pidgin	2.5.8 (including)	2.5.8 (including)
Pidgin	Pidgin	2.5.9 (including)	2.5.9 (including)
Pidgin	Pidgin	2.6.0 (including)	2.6.0 (including)
Pidgin	Pidgin	2.6.1 (including)	2.6.1 (including)
Pidgin	Pidgin	2.6.2 (including)	2.6.2 (including)
Pidgin	Pidgin	2.6.4 (including)	2.6.4 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-0277
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References