Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise SDK 11 GA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4