Lucene search

FreeBSDA2C4D3D5-4C7B-11DF-83FB-0015587E2CC1

HistoryFeb 18, 2010 - 12:00 a.m.

pidgin -- multiple remote denial of service vulnerabilities

2010-02-1800:00:00

vuxml.freebsd.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.229 Low

EPSS

Percentile

96.5%

JSON

Three denial of service vulnerabilities where found in
pidgin and allow remote attackers to crash the application.
The developers summarized these problems as follows:

Pidgin can become unresponsive when displaying large
numbers of smileys

Certain nicknames in group chat rooms can trigger a
crash in Finch

Failure to validate all fields of an incoming message
can trigger a crash

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchpidgin< 2.6.6UNKNOWN
FreeBSDanynoarchlibpurple< 2.6.6UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	pidgin	< 2.6.6	UNKNOWN
FreeBSD	any	noarch	libpurple	< 2.6.6	UNKNOWN

References

pidgin.im/news/security/?id=43

pidgin.im/news/security/?id=44

pidgin.im/news/security/?id=45

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.229 Low

EPSS

Percentile

96.5%

JSON

Related for A2C4D3D5-4C7B-11DF-83FB-0015587E2CC1