About Ubuntu

=========================================================== Ubuntu Security Notice USN-781-2 June 03, 2009 gaim vulnerabilities CVE-2009-1373, CVE-2009-1376 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: gaim 1:1.5.0+1.5.1cvs20051015-1ubuntu10.2 After a standard system upgrade you need to restart Gaim to effect the necessary changes. Details follow: It was discovered that Gaim did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Gaim to crash, or possibly execute arbitrary code with user privileges. (CVE-2009-1373) It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376)