Debian Security Advisory 1870-1 – Federico Muttis discovered that libpurple, the shared library that adds support for various instant messaging networks to the pidgin IM client, is vulnerable to a heap-based buffer overflow. This issue exists because of an incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can exploit this by sending two consecutive SLP packets to a victim via MSN.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/80503/dsa-1870-1.txt
Source: https://packetstormsecurity.com/files/80503/Debian-Linux-Security-Advisory-1870-1.html