4 matches found
SUSE CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service application crash via a crafted ICQ web message that triggers allocation of a large amount of memory...
Mandriva Linux Security Advisory : pidgin (MDVSA-2009:321)
Security vulnerabilities has been identified and fixed in pidgin : The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. CVE-2008-3532 Pidgin 2.4....
CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service application crash via a crafted ICQ web message that triggers allocation of a large amount of memory...
CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service application crash via a crafted ICQ web message that triggers allocation of a large amount of memory...