Linux Distros Unpatched Vulnerability : CVE-2016-4323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an...

Linux Distros Unpatched Vulnerability : CVE-2016-2369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentiall...

SUSE CVE-2009-1376

Multiple integer overflows in the msnslplinkprocessmsg functions in the MSN protocol handler in 1 libpurple/protocols/msn/slplink.c and 2 libpurple/protocols/msnp9/slplink.c in Pidgin formerly Gaim before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed S...

Pidgin MXIT Protocol Information Disclosure Vulnerability (CNVD-2016-04332)

Pidgin is a cross-platform real-time communication client. An information disclosure vulnerability exists in the MXIT protocol processing in Pidgin version 2.10.11, which can be exploited by an attacker to cause a denial of service read across boundaries or copy memory to a file with the help of ...

pidgin: Possible spoofing using iq replies in XMPP protocol plugin

The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service NULL pointer dereference and...