Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201405-22
HistoryMay 18, 2014 - 12:00 a.m.

Pidgin: Multiple vulnerabilities

2014-05-1800:00:00
Gentoo Foundation
security.gentoo.org
12

0.04 Low

EPSS

Percentile

92.0%

JSON

Background

Pidgin is a GTK Instant Messenger client for a variety of instant messaging protocols.

Description

Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the Pidgin process, cause a Denial of Service condition, overwrite files, or spoof traffic.

Workaround

There is no known workaround at this time.

Resolution

All Pidgin users on HPPA or users of GNOME 3.8 and later on AMD64 or X86 should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.9-r1"

All Pidgin users on ALPHA, PPC, PPC64, SPARC, and users of GNOME before 3.8 on AMD64 and X86 should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.9"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-im/pidgin<Β 2.10.9UNKNOWN

Related

nessus 32
openvas 40
veracode 16
securityvulns 4
osv 2
oraclelinux 2
fedora 2
mageia 2
redhat 2
ubuntu 3
centos 2
debian 4
slackware 2
kaspersky 1
suse 4
freebsd 1
ubuntucve 15
debiancve 15
cvelist 14
cve 16
prion 15
talos 3
seebug 2
nessus
nessus
GLSA-201405-22 : Pidgin: Multiple vulnerabilities
2014-05-19 00:00:00
Oracle Linux 6 : pidgin (ELSA-2014-0139)
2014-02-06 00:00:00
Fedora 19 : pidgin-2.10.9-1.fc19 (2014-1999)
2014-02-17 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201405-22
2015-09-29 00:00:00
Ubuntu Update for pidgin USN-2100-1
2014-02-11 00:00:00
Fedora Update for pidgin FEDORA-2014-1999
2014-02-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:01:12
NULL Pointer Dereference
2019-05-02 05:01:11
BufferOverflow
2019-05-02 05:01:11
securityvulns
securityvulns
libgadu / libpurple / Pidgin multiple security vulnerabilities
2014-02-10 00:00:00
Pidgin multiple security vulnerabilities
2013-02-18 00:00:00
[slackware-security] pidgin &#40;SSA:2013-044-01&#41;
2013-02-18 00:00:00
osv
osv
pidgin - security update
2014-02-10 00:00:00
pidgin - several
2014-02-10 00:00:00
oraclelinux
oraclelinux
pidgin security update
2014-02-05 00:00:00
pidgin security update
2013-03-14 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: pidgin-2.10.9-1.fc20
2014-02-06 03:50:31
[SECURITY] Fedora 19 Update: pidgin-2.10.9-1.fc19
2014-02-14 08:00:10
mageia
mageia
Updated pidgin package fixes security vulnerabilities
2014-02-05 19:31:44
Updated libgadu packages fix security vulnerability
2014-02-16 17:23:36
redhat
redhat
(RHSA-2014:0139) Moderate: pidgin security update
2014-02-05 00:00:00
(RHSA-2013:0646) Moderate: pidgin security update
2013-03-14 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2014-02-06 00:00:00
Pidgin vulnerabilities
2013-02-25 00:00:00
libgadu vulnerability
2014-02-10 00:00:00
centos
centos
finch, libpurple, pidgin security update
2014-02-05 19:41:13
finch, libpurple, pidgin security update
2013-03-14 19:12:09
debian
debian
[SECURITY] [DSA 2859-1] pidgin security update
2014-02-10 17:30:48
[BSA-092] Security Update for pidgin
2014-02-22 11:36:11
[SECURITY] [DSA 2859-2] pidgin security update
2014-03-19 22:45:44
slackware
slackware
pidgin
2014-02-03 13:58:20
pidgin
2013-02-13 22:49:06
kaspersky
kaspersky
KLA10433 Multiple vulnerabilities in Pidgin
2014-06-02 00:00:00
suse
suse
pidgin: 2.10.7 update to fix security issues and bugs (important)
2013-03-21 08:04:39
Security update for pidgin (important)
2013-03-04 23:04:31
pidgin: various security fixes (important)
2013-03-07 14:04:27
freebsd
freebsd
libpurple -- multiple vulnerabilities
2013-02-13 00:00:00
ubuntucve
ubuntucve
CVE-2013-6482
2014-02-05 00:00:00
CVE-2013-6479
2014-02-05 00:00:00
CVE-2012-6152
2014-02-05 00:00:00
debiancve
debiancve
CVE-2012-6152
2014-02-06 16:10:00
CVE-2013-6479
2014-02-06 16:10:00
CVE-2013-6482
2014-02-06 17:00:00
cvelist
cvelist
CVE-2012-6152
2014-02-06 15:00:00
CVE-2013-6479
2014-02-06 15:00:00
CVE-2013-6482
2014-02-06 16:00:00
cve
cve
CVE-2013-6479
2014-02-06 16:10:00
CVE-2013-6482
2014-02-06 17:00:00
CVE-2012-6152
2014-02-06 16:10:00
prion
prion
Design/Logic Flaw
2014-02-06 16:10:00
Null pointer dereference
2014-02-06 16:10:00
Integer overflow
2014-02-06 16:10:00
talos
talos
Pidgin libpurple Mxit Emoticon Name Length Integer Overflow Vulnerability
2014-01-26 00:00:00
Pidgin libpurple SIP/SIMPLE Content-Length Integer Overflow Vulnerability
2014-01-26 00:00:00
Pidgin libpurple Gadu Gadu HTTP Content-Length Integer Overflow Vulnerability
2014-01-26 00:00:00
seebug
seebug
Pidgin 'libpurple' δ»»ζ„ζ–‡δ»Άθ¦†η›–ζΌζ΄ž(CVE-2013-0271)
2013-03-10 00:00:00
Pidgin 'libpurple' HTTPζ ‡ε€΄ζ ˆηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž(CVE-2013-0272)
2013-03-10 00:00:00

0.04 Low

EPSS

Percentile

92.0%

JSON
Related for GLSA-201405-22
nessus32openvas40veracode16securityvulns4osv2oraclelinux2fedora2mageia2redhat2ubuntu3centos2debian4slackware2kaspersky1suse4freebsd1ubuntucve15debiancve15cvelist14cve16prion15talos3seebug2