A flaw in a chat client used by millions worldwide to communicate on multiple networks at the same time opens users to potential dangers.A flaw in the manner in which Pidgen handles the MXit protocol was detected by researchers at TALOS. The bug opens users to the possibility of information leakage, denial of service, directory traversal and buffer overflow.Four information leakage flaws could enable specially crafted MXIT data sent from the server to cause an out-of-bounds read, which could then cause a crash or the leaking of information back to the server.As well, six DoS vulnerabilities could cause a null pointer dereference, also leading to a crash. A directory traversal flaw could result in an overwrite of files. And, five directory traversal vulnerabilities could trigger a buffer overflow.Patching software is essential to reduce the attack surface against these constant ongoing attacks, Talos advises.
Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security
Bug detected in popular chat client Pidgin
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



