freebsd | FreeBSD | B1CA65E6-5AAF-11DE-BC9B-0030843D3802
Jun 03, 2009 - 12:00 a.m.

pidgin -- multiple vulnerabilities

2009-06-03 00:00:00
vuxml.freebsd.org

CVSS2: 9.3 High

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.203 Low
Percentile: 96.3%

Secunia reports:

Some vulnerabilities and weaknesses have been reported in Pidgin,
which can be exploited by malicious people to cause a DoS or to
potentially compromise a user’s system.

A truncation error in the processing of MSN SLP messages can be
exploited to cause a buffer overflow.

A boundary error in the XMPP SOCKS5 “bytestream” server when
initiating an outgoing file transfer can be exploited to cause a
buffer overflow.

A boundary error exists in the implementation of the
“PurpleCircBuffer” structure. This can be exploited to corrupt memory
and cause a crash via specially crafted XMPP or Sametime
packets.

A boundary error in the “decrypt_out()” function can be exploited
to cause a stack-based buffer overflow with 8 bytes and crash the
application via a specially crafted QQ packet.

OS       Version  Architecture  Package    Version   Filename
FreeBSD  any      noarch        pidgin     < 2.5.6   UNKNOWN
FreeBSD  any      noarch        libpurple  < 2.5.6   UNKNOWN
FreeBSD  any      noarch        finch      < 2.5.6   UNKNOWN
