It was discovered a vulnerability in Pidgin, a multi-protocol instant
messaging client. A server controlled by an attacker can send an invalid
XML that can trigger an out-of-bound memory access. This might lead to a
crash or, in some extreme cases, to remote code execution in the
client-side.