359 matches found
libpurple -- multiple vulnerabilities
Pidgin reports: libpurple Fix a crash when receiving UPnP responses with abnormally long values. MXit Fix two bugs where a remote MXit user could possibly specify a local file path to be written to. Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted da...
SuSE 11.1 Security Update : pidgin, finch and libpurple (SAT Patch Number 6534)
This update of pidgin fixes a stack-based buffer overflow in the MXit protocol which could have potentially been exploited by remote attackers to execute arbitrary code in the context of the user running pidgin. CVE-2012-3374 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...
Pidgin: Arbitrary code execution
Background Pidgin is a GTK Instant Messenger client for a variety of instant messaging protocols. libpurple is the core library for Pidgin. Description A stack-based buffer overflow vulnerability has been found in the MXit protocol plug-in for libpurple. Impact A remote attacker could possibly...
RedHat Update for pidgin RHSA-2012:1102-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
pidgin: Stack-based buffer overwrite in MXit protocol libPurple plug-in
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
libpurple / Pidgin code execution
Code execution in MXit protocol...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : pidgin vulnerabilities (USN-1500-1)
Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...
USN-1500-1: Pidgin vulnerabilities
Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...
Pidgin 'mxit_show_message()'基于栈的缓冲区溢出漏洞
Bugtraq ID:54322 CVE ID:CVE-2012-3374 Pidgin是一款多协议即时通信软件 如果进入的消息包含内联图像,"mxitshowmessage"函数libpurple/protocols/mxit/markup.c解析时存在一个边界错误,允许攻击者构建特制的RX消息触发基于栈的缓冲区溢出,成功利用漏洞可以以应用程序上下文执行任意代码 0 Pidgin 2.x 厂商解决方案 Pidgin 2.10.5已经修复此漏洞,建议用户下载使用: http://www.pidgin.im/news/security/index.php?id=64...
[SECURITY] [DSA 2509-1] pidgin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2509-1 [email protected] http://www.debian.org/security/ Luciano Bello July 08, 2012 http://www.debian.org/security/faq -...
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
DSA-2509-1 pidgin - remote code execution
Bulletin has no description...
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
DEBIAN-CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
Buffer overflow
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...
CVE-2012-3374
CVE-2012-3374 affects the Pidgin/libpurple MXit protocol plugin, where a stack-based buffer overflow in markup.c could be triggered by a crafted inline image in a message to allow remote code execution. Public advisories/ Nessus entries link this to Pidgin prior to 2.10.5, with patches released t...