Use-after-free vulnerability in create_smp_dialog function in gtk-dialog.c in Pidgin OTR Plugin before 4.0.2 allows remote code execution

Use-after-free vulnerability in create_smp_dialog function in gtk-dialog.c in Pidgin OTR Plugin before 4.0.2 allows remote code execution

CVE-2015-8833 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.

Learn more about our Web Application Penetration Testing UK.