Design/Logic Flaw

2012-07-0319:55:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

69.9%

JSON

proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.

CPENameOperatorVersion
pidgineq2.5.9
pidgineq2.5.8
pidgineq2.7.9
pidgineq2.7.5
pidgineq2.7.0
pidgineq2.10.1
pidgineq2.1.0
pidgineq2.7.4
pidgineq2.6.0
pidgineq2.5.2