Lucene search
HistoryFeb 06, 2014 - 4:10 p.m.
CVE-2012-6152
cve-2012-6152
libpurple
pidgin
denial of service
application crash
remote attackers
utf-8 validation
yahoo! protocol plugin
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.023 Low
EPSS
Percentile
89.6%
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences.
Affected configurations
Node
pidginpidginRange≤2.10.7
ORpidginpidginMatch2.0.0
ORpidginpidginMatch2.0.1
ORpidginpidginMatch2.0.2
ORpidginpidginMatch2.1.0
ORpidginpidginMatch2.1.1
ORpidginpidginMatch2.2.0
ORpidginpidginMatch2.2.1
ORpidginpidginMatch2.2.2
ORpidginpidginMatch2.3.0
ORpidginpidginMatch2.3.1
ORpidginpidginMatch2.4.0
ORpidginpidginMatch2.4.1
ORpidginpidginMatch2.4.2
ORpidginpidginMatch2.4.3
ORpidginpidginMatch2.5.0
ORpidginpidginMatch2.5.1
ORpidginpidginMatch2.5.2
ORpidginpidginMatch2.5.3
ORpidginpidginMatch2.5.4
ORpidginpidginMatch2.5.5
ORpidginpidginMatch2.5.6
ORpidginpidginMatch2.5.7
ORpidginpidginMatch2.5.8
ORpidginpidginMatch2.5.9
ORpidginpidginMatch2.6.0
ORpidginpidginMatch2.6.1
ORpidginpidginMatch2.6.2
ORpidginpidginMatch2.6.3
ORpidginpidginMatch2.6.4
ORpidginpidginMatch2.6.5
ORpidginpidginMatch2.6.6
ORpidginpidginMatch2.7.0
ORpidginpidginMatch2.7.1
ORpidginpidginMatch2.7.2
ORpidginpidginMatch2.7.3
ORpidginpidginMatch2.7.4
ORpidginpidginMatch2.7.5
ORpidginpidginMatch2.7.6
ORpidginpidginMatch2.7.7
ORpidginpidginMatch2.7.8
ORpidginpidginMatch2.7.9
ORpidginpidginMatch2.7.10
ORpidginpidginMatch2.7.11
ORpidginpidginMatch2.8.0
ORpidginpidginMatch2.9.0
ORpidginpidginMatch2.10.0
ORpidginpidginMatch2.10.1
ORpidginpidginMatch2.10.2
ORpidginpidginMatch2.10.3
ORpidginpidginMatch2.10.4
ORpidginpidginMatch2.10.5
ORpidginpidginMatch2.10.6
Related
ubuntucve
ubuntucve
CVE-2012-6152
2014-02-05 00:00:00
prion
prion
Design/Logic Flaw
2014-02-06 16:10:00
nvd
nvd
CVE-2012-6152
2014-02-06 16:10:58
debiancve
debiancve
CVE-2012-6152
2014-02-06 16:10:58
cvelist
cvelist
CVE-2012-6152
2014-02-06 15:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:56:22
NULL Pointer Dereference
2019-05-02 05:01:11
Integer Overflow
2019-05-02 05:01:11
nessus
nessus
openSUSE Security Update : pidgin / pidgin-branding-openSUSE (openSUSE-SU-2014:0239-1)
2014-06-13 00:00:00
Oracle Linux 6 : pidgin (ELSA-2014-0139)
2014-02-06 00:00:00
Fedora 20 : pidgin-2.10.9-1.fc20 (2014-2013)
2014-02-06 00:00:00
openvas
openvas
CentOS Update for finch CESA-2014:0139 centos6
2014-02-11 00:00:00
CentOS Update for finch CESA-2014:0139 centos5
2014-02-11 00:00:00
Mageia: Security Advisory (MGASA-2014-0034)
2022-01-28 00:00:00
securityvulns
securityvulns
libgadu / libpurple / Pidgin multiple security vulnerabilities
2014-02-10 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: pidgin-2.10.9-1.fc19
2014-02-14 08:00:10
[SECURITY] Fedora 20 Update: pidgin-2.10.9-1.fc20
2014-02-06 03:50:31
centos
centos
finch, libpurple, pidgin security update
2014-02-05 19:41:13
redhat
redhat
(RHSA-2014:0139) Moderate: pidgin security update
2014-02-05 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2014-02-06 00:00:00
oraclelinux
oraclelinux
pidgin security update
2014-02-05 00:00:00
mageia
mageia
Updated pidgin package fixes security vulnerabilities
2014-02-05 19:31:44
slackware
slackware
pidgin
2014-02-03 13:58:20
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2014-05-18 00:00:00
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.023 Low
EPSS
Percentile
89.6%
Related for CVE-2012-6152