Lucene search

K
cve[email protected]CVE-2013-6486
HistoryFeb 06, 2014 - 4:10 p.m.

CVE-2013-6486

2014-02-0616:10:58
CWE-20
web.nvd.nist.gov
26
cve-2013-6486
pidgin
windows
remote code execution
url handling
vulnerability

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.9%

gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.

Affected configurations

NVD
Node
pidginpidginRange2.10.7
OR
pidginpidginMatch2.0.0
OR
pidginpidginMatch2.0.1
OR
pidginpidginMatch2.0.2
OR
pidginpidginMatch2.1.0
OR
pidginpidginMatch2.1.1
OR
pidginpidginMatch2.2.0
OR
pidginpidginMatch2.2.1
OR
pidginpidginMatch2.2.2
OR
pidginpidginMatch2.3.0
OR
pidginpidginMatch2.3.1
OR
pidginpidginMatch2.4.0
OR
pidginpidginMatch2.4.1
OR
pidginpidginMatch2.4.2
OR
pidginpidginMatch2.4.3
OR
pidginpidginMatch2.5.0
OR
pidginpidginMatch2.5.1
OR
pidginpidginMatch2.5.2
OR
pidginpidginMatch2.5.3
OR
pidginpidginMatch2.5.4
OR
pidginpidginMatch2.5.5
OR
pidginpidginMatch2.5.6
OR
pidginpidginMatch2.5.7
OR
pidginpidginMatch2.5.8
OR
pidginpidginMatch2.5.9
OR
pidginpidginMatch2.6.0
OR
pidginpidginMatch2.6.1
OR
pidginpidginMatch2.6.2
OR
pidginpidginMatch2.6.3
OR
pidginpidginMatch2.6.4
OR
pidginpidginMatch2.6.5
OR
pidginpidginMatch2.6.6
OR
pidginpidginMatch2.7.0
OR
pidginpidginMatch2.7.1
OR
pidginpidginMatch2.7.2
OR
pidginpidginMatch2.7.3
OR
pidginpidginMatch2.7.4
OR
pidginpidginMatch2.7.5
OR
pidginpidginMatch2.7.6
OR
pidginpidginMatch2.7.7
OR
pidginpidginMatch2.7.8
OR
pidginpidginMatch2.7.9
OR
pidginpidginMatch2.7.10
OR
pidginpidginMatch2.7.11
OR
pidginpidginMatch2.8.0
OR
pidginpidginMatch2.9.0
OR
pidginpidginMatch2.10.0
OR
pidginpidginMatch2.10.1
OR
pidginpidginMatch2.10.2
OR
pidginpidginMatch2.10.3
OR
pidginpidginMatch2.10.4
OR
pidginpidginMatch2.10.5
OR
pidginpidginMatch2.10.6

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.9%