Some vulnerabilities and weaknesses have been reported in Pidgin,
which can be exploited by malicious people to cause a DoS or to
potentially compromise a user's system.
A truncation error in the processing of MSN SLP messages can be
exploited to cause a buffer overflow.
A boundary error in the XMPP SOCKS5 "bytestream" server when
initiating an outgoing file transfer can be exploited to cause a
buffer overflow.
A boundary error exists in the implementation of the
"PurpleCircBuffer" structure. This can be exploited to corrupt memory
and cause a crash via specially crafted XMPP or Sametime
packets.
A boundary error in the "decrypt_out()" function can be exploited
to cause a stack-based buffer overflow with 8 bytes and crash the
application via a specially crafted QQ packet.