Lucene search
+L

359 matches found

freebsd
freebsd
added 2013/02/13 12:0 a.m.31 views

libpurple -- multiple vulnerabilities

Pidgin reports: libpurple Fix a crash when receiving UPnP responses with abnormally long values. MXit Fix two bugs where a remote MXit user could possibly specify a local file path to be written to. Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted da...

6.8CVSS6.9AI score0.03121EPSS
Exploits2References1
nessus
nessus
added 2013/01/25 12:0 a.m.21 views

SuSE 11.1 Security Update : pidgin, finch and libpurple (SAT Patch Number 6534)

This update of pidgin fixes a stack-based buffer overflow in the MXit protocol which could have potentially been exploited by remote attackers to execute arbitrary code in the context of the user running pidgin. CVE-2012-3374 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

7.5CVSS6.4AI score0.06402EPSS
Exploits2References3
gentoo
gentoo
added 2012/09/27 12:0 a.m.29 views

Pidgin: Arbitrary code execution

Background Pidgin is a GTK Instant Messenger client for a variety of instant messaging protocols. libpurple is the core library for Pidgin. Description A stack-based buffer overflow vulnerability has been found in the MXit protocol plug-in for libpurple. Impact A remote attacker could possibly...

7.5CVSS7.6AI score0.06402EPSS
Exploits2
openvas
openvas
added 2012/07/23 12:0 a.m.24 views

RedHat Update for pidgin RHSA-2012:1102-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.5CVSS6.7AI score0.06402EPSS
Exploits3References2
redhat
redhat
added 2012/07/19 3:26 p.m.3 views

pidgin: Stack-based buffer overwrite in MXit protocol libPurple plug-in

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5CVSS6.3AI score0.06402EPSS
Exploits2References4
securityvulns
securityvulns
added 2012/07/11 12:0 a.m.37 views

libpurple / Pidgin code execution

Code execution in MXit protocol...

7.5CVSS2.5AI score0.06402EPSS
Exploits2References1Affected Software1
nessus
nessus
added 2012/07/10 12:0 a.m.35 views

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : pidgin vulnerabilities (USN-1500-1)

Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...

7.5CVSS5.9AI score0.06402EPSS
Exploits7References10
ubuntu
ubuntu
added 2012/07/09 8:8 p.m.50 views

USN-1500-1: Pidgin vulnerabilities

Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...

7.5CVSS6.3AI score0.06402EPSS
Exploits7
seebug
seebug
added 2012/07/09 12:0 a.m.24 views

Pidgin 'mxit_show_message()'基于栈的缓冲区溢出漏洞

Bugtraq ID:54322 CVE ID:CVE-2012-3374 Pidgin是一款多协议即时通信软件 如果进入的消息包含内联图像,"mxitshowmessage"函数libpurple/protocols/mxit/markup.c解析时存在一个边界错误,允许攻击者构建特制的RX消息触发基于栈的缓冲区溢出,成功利用漏洞可以以应用程序上下文执行任意代码 0 Pidgin 2.x 厂商解决方案 Pidgin 2.10.5已经修复此漏洞,建议用户下载使用: http://www.pidgin.im/news/security/index.php?id=64...

7.5CVSS6.3AI score0.06402EPSS
Exploits2
debian
debian
added 2012/07/08 7:49 p.m.24 views

[SECURITY] [DSA 2509-1] pidgin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2509-1 [email protected] http://www.debian.org/security/ Luciano Bello July 08, 2012 http://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.06402EPSS
Exploits2
ubuntucve
ubuntucve
added 2012/07/08 12:0 a.m.20 views

CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5CVSS6.3AI score0.06402EPSS
Exploits2References3
osv
osv
added 2012/07/08 12:0 a.m.18 views

DSA-2509-1 pidgin - remote code execution

Bulletin has no description...

7.5CVSS5.9AI score0.06402EPSS
Exploits2
nvd
nvd
added 2012/07/07 10:21 a.m.16 views

CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5CVSS7.5AI score0.06402EPSS
Exploits2References7
osv
osv
added 2012/07/07 10:21 a.m.6 views

CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5AI score
Exploits0References8
osv
osv
added 2012/07/07 10:21 a.m.5 views

DEBIAN-CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5CVSS8.2AI score0.06402EPSS
Exploits2References1
prion
prion
added 2012/07/07 10:21 a.m.10 views

Buffer overflow

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5CVSS8.2AI score0.06402EPSS
Exploits2References7Affected Software1
cvelist
cvelist
added 2012/07/07 10:0 a.m.22 views

CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.4AI score0.06402EPSS
Exploits2References7
debiancve
debiancve
added 2012/07/07 10:0 a.m.21 views

CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

7.5CVSS7.5AI score0.06402EPSS
Exploits2
cve
cve
added 2012/07/07 10:0 a.m.81 views

CVE-2012-3374

CVE-2012-3374 affects the Pidgin/libpurple MXit protocol plugin, where a stack-based buffer overflow in markup.c could be triggered by a crafted inline image in a message to allow remote code execution. Public advisories/ Nessus entries link this to Pidgin prior to 2.10.5, with patches released t...

7.5CVSS7.6AI score0.06402EPSS
Exploits2References7Affected Software1
Rows per page
Query Builder