CVE-2015-8833

Name: CVE-2015-8833
Description: Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DSA-3528-1

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| pidgin-otr (PTS) | buster | 4.0.2-2 | fixed |
| pidgin-otr (PTS) | sid, trixie, bookworm, bullseye | 4.0.2-3 | fixed |

The information below is based on the following data on fixed versions.

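| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| pidgin-otr | source | wheezy | (not affected) | | | |
| pidgin-otr | source | jessie | 4.0.1-1+deb8u1 | | DSA-3528-1 | |
| pidgin-otr | source | (unstable) | 4.0.2-1 | | | |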

Notes

[wheezy] - pidgin-otr <not-affected> (Vulnerable code not present)
https://blog.fuzzing-project.org/39-Heap-use-after-free-in-Pidgin-OTR-plugin.html
https://bugs.otr.im/issues/88
https://bugs.otr.im/issues/128
Fixed by: https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94
Introduced by: https://bugs.otr.im/projects/pidgin-otr/repository/revisions/c276bfa786bef8a4572a37d5633cf40f480d3ae0
https://www.openwall.com/lists/oss-security/2016/03/09/8
