AI Score: 7.4 High (Confidence: Low)

CVSS2: 7.1 High
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C

EPSS: 0.042 Low (Percentile: 92.2%)

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information.
debian.org/security/2009/dsa-1805
secunia.com/advisories/35188
secunia.com/advisories/35194
secunia.com/advisories/35202
secunia.com/advisories/35215
secunia.com/advisories/35294
secunia.com/advisories/35329
secunia.com/advisories/35330
www.gentoo.org/security/en/glsa/glsa-200905-07.xml
www.mandriva.com/security/advisories?name=MDVSA-2009:140
www.mandriva.com/security/advisories?name=MDVSA-2009:173
www.pidgin.im/news/security/?id=29
www.redhat.com/support/errata/RHSA-2009-1059.html
www.redhat.com/support/errata/RHSA-2009-1060.html
www.securityfocus.com/bid/35067
www.ubuntu.com/usn/USN-781-1
www.ubuntu.com/usn/USN-781-2
www.vupen.com/english/advisories/2009/1396
bugzilla.redhat.com/show_bug.cgi?id=500488
exchange.xforce.ibmcloud.com/vulnerabilities/50682
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17722
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9005
www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html