A critical vulnerability in the Pidgin instant messenger application can be exploited by attackers to inject and execute malware on a computer. The cause of the problem is a bug in the libpurple library used by Pidgin, which allows code to be written to memory and executed using crafted MSN-SLP packets. No interaction from the victim is required and an attacker does not need to be in the victim’s buddy list to carry out a successful attack.
I tried to find if someone posted it already but couldn’t find, sorry if I oversaw something. Maybe this interests some people.