Null pointer dereference

2011-08-2917:55:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.11 Low

EPSS

Percentile

95.0%

JSON

The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted nickname that is not properly handled in a WHO response.

CPENameOperatorVersion
libpurpleeq2.9.0
libpurpleeq2.8.0
pidgineq2.5.9
pidgineq2.5.8
pidgineq2.7.9
pidgineq2.7.5
pidgineq2.7.0
pidgineq2.1.0
pidgineq2.7.4
pidgineq2.6.0

Name	Operator	Version
libpurple	eq	2.9.0
libpurple	eq	2.8.0
pidgin	eq	2.5.9
pidgin	eq	2.5.8
pidgin	eq	2.7.9
pidgin	eq	2.7.5
pidgin	eq	2.7.0
pidgin	eq	2.1.0
pidgin	eq	2.7.4
pidgin	eq	2.6.0

Rows per page:

1-10 of 461

References

developer.pidgin.im/viewmtn/revision/diff/5749f9193063800d27bef75c2388f6f9cc2f7f37/with/5c2dba4a7e2e76b76e7f472b88953a4316706d43/libpurple/protocols/irc/msgs.c

developer.pidgin.im/viewmtn/revision/info/5c2dba4a7e2e76b76e7f472b88953a4316706d43

pidgin.im/news/security/?id=53

secunia.com/advisories/45663

secunia.com/advisories/45916

securitytracker.com/id?1025961

www.openwall.com/lists/oss-security/2011/08/20/2

www.openwall.com/lists/oss-security/2011/08/22/2

www.securityfocus.com/bid/49268

bugzilla.redhat.com/show_bug.cgi?id=722939

exchange.xforce.ibmcloud.com/vulnerabilities/69340

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18005