CVE-2010-0423
The MITRE CVE dictionary describes this issue as:
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.
Find out more about CVE-2010-0423 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
The Red Hat Security Response Team has rated this issue as having low security impact.
For Red Hat Enterprise Linux 4 and 5, this issue was addressed via https://rhn.redhat.com/errata/RHSA-2010-0115.html
We currently have no plans to fix this flaw in Red Hat Enterprise Linux 3 as the issue only causes Pidgin client to become unresponsive or crash.
CVSS v2 metrics
| Base Score | 4.3 |
|---|---|
| Base Metrics | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 4 (pidgin) | RHSA-2010:0115 | 2010-02-18 |
| Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (pidgin) | RHSA-2010:0115 | 2010-02-18 |
| Red Hat Enterprise Linux 5 (pidgin) | RHSA-2010:0115 | 2010-02-18 |
CVE description copyright © 2017, The MITRE Corporation