Lucene search

K
cve[email protected]CVE-2013-6479
HistoryFeb 06, 2014 - 4:10 p.m.

CVE-2013-6479

2014-02-0616:10:58
CWE-399
web.nvd.nist.gov
33
cve-2013-6479
libpurple
pidgin
memory allocation
denial of service
nvd

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.6%

util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response.

Affected configurations

NVD
Node
pidginpidginRange2.10.7
OR
pidginpidginMatch2.0.0
OR
pidginpidginMatch2.0.1
OR
pidginpidginMatch2.0.2
OR
pidginpidginMatch2.1.0
OR
pidginpidginMatch2.1.1
OR
pidginpidginMatch2.2.0
OR
pidginpidginMatch2.2.1
OR
pidginpidginMatch2.2.2
OR
pidginpidginMatch2.3.0
OR
pidginpidginMatch2.3.1
OR
pidginpidginMatch2.4.0
OR
pidginpidginMatch2.4.1
OR
pidginpidginMatch2.4.2
OR
pidginpidginMatch2.4.3
OR
pidginpidginMatch2.5.0
OR
pidginpidginMatch2.5.1
OR
pidginpidginMatch2.5.2
OR
pidginpidginMatch2.5.3
OR
pidginpidginMatch2.5.4
OR
pidginpidginMatch2.5.5
OR
pidginpidginMatch2.5.6
OR
pidginpidginMatch2.5.7
OR
pidginpidginMatch2.5.8
OR
pidginpidginMatch2.5.9
OR
pidginpidginMatch2.6.0
OR
pidginpidginMatch2.6.1
OR
pidginpidginMatch2.6.2
OR
pidginpidginMatch2.6.3
OR
pidginpidginMatch2.6.4
OR
pidginpidginMatch2.6.5
OR
pidginpidginMatch2.6.6
OR
pidginpidginMatch2.7.0
OR
pidginpidginMatch2.7.1
OR
pidginpidginMatch2.7.2
OR
pidginpidginMatch2.7.3
OR
pidginpidginMatch2.7.4
OR
pidginpidginMatch2.7.5
OR
pidginpidginMatch2.7.6
OR
pidginpidginMatch2.7.7
OR
pidginpidginMatch2.7.8
OR
pidginpidginMatch2.7.9
OR
pidginpidginMatch2.7.10
OR
pidginpidginMatch2.7.11
OR
pidginpidginMatch2.8.0
OR
pidginpidginMatch2.9.0
OR
pidginpidginMatch2.10.0
OR
pidginpidginMatch2.10.1
OR
pidginpidginMatch2.10.2
OR
pidginpidginMatch2.10.3
OR
pidginpidginMatch2.10.4
OR
pidginpidginMatch2.10.5
OR
pidginpidginMatch2.10.6

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.6%