Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-1000030
HistorySep 05, 2018 - 5:29 p.m.

CVE-2016-1000030

2018-09-0517:29:00
CWE-295
[email protected]
web.nvd.nist.gov
18
pidgin
x.509
vulnerability
code execution
fix
cve-2016-1000030
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.7%

JSON

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0.

Affected configurations

NVD
Node
suselinux_enterprise_serverMatch11sp4
Node
pidginpidginRange<2.11.0

Related

openvas 5
cvelist 1
prion 1
redhatcve 1
ubuntucve 1
nvd 1
debiancve 1
nessus 4
rosalinux 1
gentoo 1
openvas
openvas
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2020-2385)
2020-11-04 00:00:00
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2020-2062)
2020-09-29 00:00:00
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2020-2262)
2020-10-30 00:00:00
cvelist
cvelist
CVE-2016-1000030
2018-09-05 17:00:00
prion
prion
Design/Logic Flaw
2018-09-05 17:29:00
redhatcve
redhatcve
CVE-2016-1000030
2016-07-20 08:18:24
ubuntucve
ubuntucve
CVE-2016-1000030
2018-09-05 00:00:00
nvd
nvd
CVE-2016-1000030
2018-09-05 17:29:00
debiancve
debiancve
CVE-2016-1000030
2018-09-05 17:29:00
nessus
nessus
EulerOS 2.0 SP5 : pidgin (EulerOS-SA-2020-2262)
2020-10-30 00:00:00
EulerOS 2.0 SP2 : pidgin (EulerOS-SA-2020-2385)
2020-11-03 00:00:00
EulerOS 2.0 SP3 : pidgin (EulerOS-SA-2020-2062)
2020-09-28 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1951
2021-07-02 17:58:49
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2017-01-17 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.7%

JSON
Related for CVE-2016-1000030
openvas5cvelist1prion1redhatcve1ubuntucve1nvd1debiancve1nessus4rosalinux1gentoo1