10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.203 Low
EPSS
Percentile
96.3%
Pidgin is a client for a variety of instant messaging protocols.
Multiple vulnerabilities were found in Pidgin:
A remote attacker could send specially crafted SLP (via MSN) or ICQ web messages, possibly leading to execution of arbitrary code with the privileges of the user running Pidgin, unauthorized information disclosure, or a Denial of Service.
There is no known workaround at this time.
All Pidgin users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/pidgin-2.5.9-r1"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-im/pidgin | < 2.5.9-r1 | UNKNOWN |