USN-1014-1: Pidgin vulnerabilities

Pierre Noguès discovered that Pidgin incorrectly handled malformed SLP messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10 and 10.04 LTS...

CentOS Update for finch CESA-2010:0788 centos4 i386

Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2010:0788 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

libpurple library / Pidgin DoS

Crash on base64 decoding in different protocols...

finch, libpurple, pidgin security update

CentOS Errata and Security Advisory CESA-2010:0788 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVS...

Moderate: Red Hat Security Advisory: pidgin security update

Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Debian DSA-2025-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does...

DSA-2025-1 icedove - several vulnerabilities

Bulletin has no description...

Mozilla Base64 decoding crash

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

[SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1931-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 08, 2009 http://www.debian.org/security/faq -...

SuSE 10 Security Update : libsoup (ZYPP Patch Number 6223)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0585 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Mozilla Base64 decoding crash

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

Ubuntu 8.10 : gst-plugins-base0.10 vulnerability (USN-735-1)

It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges. Note that Tenable...

Mandrake Security Advisory MDVSA-2009:081 (libsoup)

The remote host is missing an update to libsoup announced via advisory MDVSA-2009:081. OpenVAS Vulnerability Test $Id: mdksa2009081.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:081 libsoup Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:080 (glib2.0)

The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. OpenVAS Vulnerability Test $Id: mdksa2009080.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:080 glib2.0 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:080 (glib2.0)

The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

RHEL 5 : glib2 (RHSA-2009:0336)

Updated glib2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOM...

Ubuntu USN-735-1 (gst-plugins-base0.10)

The remote host is missing an update to gst-plugins-base0.10 announced via advisory USN-735-1. OpenVAS Vulnerability Test $Id: ubuntu7351.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7351.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-735-1...

Ubuntu: Security Advisory (USN-735-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-735-1: GStreamer Base Plugins vulnerability

It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges...

glib library memory corruption

Memory corruption on base64 encoding/decoding...