Lucene search
HistoryJul 03, 2012 - 7:55 p.m.
CVE-2012-2214
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
5.9
Confidence
Low
EPSS
0.003
Percentile
70.6%
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
Affected configurations
Node
pidginpidginRangeโค2.10.3
ORpidginpidginMatch2.0.0
ORpidginpidginMatch2.0.1
ORpidginpidginMatch2.0.2
ORpidginpidginMatch2.1.0
ORpidginpidginMatch2.1.1
ORpidginpidginMatch2.2.0
ORpidginpidginMatch2.2.1
ORpidginpidginMatch2.2.2
ORpidginpidginMatch2.3.0
ORpidginpidginMatch2.3.1
ORpidginpidginMatch2.4.0
ORpidginpidginMatch2.4.1
ORpidginpidginMatch2.4.2
ORpidginpidginMatch2.4.3
ORpidginpidginMatch2.5.0
ORpidginpidginMatch2.5.1
ORpidginpidginMatch2.5.2
ORpidginpidginMatch2.5.3
ORpidginpidginMatch2.5.4
ORpidginpidginMatch2.5.5
ORpidginpidginMatch2.5.6
ORpidginpidginMatch2.5.7
ORpidginpidginMatch2.5.8
ORpidginpidginMatch2.5.9
ORpidginpidginMatch2.6.0
ORpidginpidginMatch2.6.1
ORpidginpidginMatch2.6.2
ORpidginpidginMatch2.6.4
ORpidginpidginMatch2.6.5
ORpidginpidginMatch2.6.6
ORpidginpidginMatch2.7.0
ORpidginpidginMatch2.7.1
ORpidginpidginMatch2.7.2
ORpidginpidginMatch2.7.3
ORpidginpidginMatch2.7.4
ORpidginpidginMatch2.7.5
ORpidginpidginMatch2.7.6
ORpidginpidginMatch2.7.7
ORpidginpidginMatch2.7.8
ORpidginpidginMatch2.7.9
ORpidginpidginMatch2.7.10
ORpidginpidginMatch2.7.11
ORpidginpidginMatch2.8.0
ORpidginpidginMatch2.9.0
ORpidginpidginMatch2.10.0
ORpidginpidginMatch2.10.1
ORpidginpidginMatch2.10.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pidgin | pidgin | * | cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.0.0 | cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.0.1 | cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.0.2 | cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.1.0 | cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.1.1 | cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.2.0 | cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.2.1 | cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.2.2 | cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:* |
| pidgin | pidgin | 2.3.0 | cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:* |
Related
openvas
openvas
FreeBSD Ports: libpurple
2012-05-31 00:00:00
FreeBSD Ports: libpurple
2012-05-31 00:00:00
Fedora Update for pidgin FEDORA-2012-8687
2012-08-30 00:00:00
freebsd
freebsd
cve
cve
CVE-2012-2214
2012-07-03 19:55:02
CVE-2012-2323
2017-07-21 19:29:00
ubuntucve
ubuntucve
CVE-2012-2214
2012-07-03 00:00:00
debiancve
debiancve
CVE-2012-2214
2012-07-03 19:55:02
seebug
seebug
Pidgin <2.10.4 XMPPๅ่ฎฎๆไปถไผ ่พ่ฏทๆฑๅค็่ฟ็จๆ็ปๆๅกๆผๆด
2012-06-05 00:00:00
nessus
nessus
Pidgin < 2.10.4 Multiple DoS Vulnerabilities
2012-05-31 00:00:00
Mandriva Linux Security Advisory : pidgin (MDVSA-2012:082)
2012-09-06 00:00:00
prion
prion
Design/Logic Flaw
2012-07-03 19:55:00
cvelist
cvelist
CVE-2012-2214
2012-07-03 19:00:00
nvd
nvd
CVE-2012-2323
2017-07-21 19:29:00
fedora
fedora
[SECURITY] Fedora 17 Update: pidgin-2.10.4-1.fc17
2012-06-03 00:02:54
[SECURITY] Fedora 17 Update: pidgin-2.10.5-1.fc17
2012-07-10 16:23:55
[SECURITY] Fedora 16 Update: pidgin-2.10.4-1.fc16
2012-06-10 01:33:09
suse
suse
Security update for finch, libpurple and pidgin (important)
2012-06-22 19:08:37
altlinux
altlinux
Security fix for the ALT Linux 6 package pidgin version 2.10.4-alt1
2012-05-18 00:00:00
Security fix for the ALT Linux 6 package pidgin version 2.10.4-alt0.M60P.1
2012-06-28 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2012-07-09 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
5.9
Confidence
Low
EPSS
0.003
Percentile
70.6%
Related for NVD:CVE-2012-2214