CVE-2013-6487

EPSS 3.9%

libgadu - heap-based buffer overflow

Published: 2/6/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-6487

Description

Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.

Affected packages (3)

Debian/libgadufrom 0, < 1:1.11.3-1
Debian/libgadufrom 0, < 1:1.11.2-1+deb7u1
Debian/pidginfrom 0, < 2.10.8-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-6487