Launchpad.net

CVE 2012-2369

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.

Related bugs and status

CVE-2012-2369 (Candidate) is related to these bugs:

Bug #1000363: CVE-2012-2369: Format string security vulnerability

		In	Importance	Status
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Ubuntu)	High	Fix Released
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Ubuntu Lucid)	Undecided	Fix Released
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Ubuntu Natty)	Undecided	Fix Released
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Ubuntu Precise)	Undecided	Fix Released
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Ubuntu Quantal)	High	Fix Released
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Ubuntu Oneiric)	Undecided	Fix Released
1000363	CVE-2012-2369: Format string security vulnerability	pidgin-otr (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-2369

Related bugs and status

Related bugs

References