Juniper Networks Junos OS security vulnerabilities

Juniper Networks Junos OS is a network operating system specifically designed for hardware devices used by Juniper Networks. This operating system provides secure programming interfaces and the Junos SDK. Vulnerabilities exist in versions of Juniper Networks Junos OS prior to 22.4R3-S8, 23.2R2-S5...

SUSE CVE-2010-4528

directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a short p2pv2 packet in a DirectConnect aka direct connection session...

SUSE CVE-2011-4602

The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in 1 voice-chat and 2 video-chat stanzas, which allows remote attackers to cause a denial of service application crash via a crafted message...

SUSE CVE-2014-0020

The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service application crash via a crafted message...

Arbitrary Code Execution

pidgin is vulnerable to arbitrary code execution attacks. The vulnerability exists through a buffer overflow issue in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header...

openSUSE Security Update : pidgin (openSUSE-2017-457)

This update for pidgin to version 2.12.0 fixes the following issues : This security issue was fixed : - CVE-2017-2640: Out of bounds memory read in purplemarkupunescapeentity boo1028835. These non-security issues were fixed : + libpurple : - Fix the use of uninitialised memory if running...

Oracle Solaris Third-Party Patch Update : pidgin (multiple_vulnerabilities_in_pidgin2)

The remote Solaris system is missing necessary patches to address security updates : - The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...

CVE-2014-3698

The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...

Memory corruption

nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service application crash via a crafted server message that triggers a large memory allocation...

CVE-2014-3695

markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service application crash via a large length value in an emoticon response...

UBUNTU-CVE-2014-3698

The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...

CentOS Update for finch CESA-2014:0139 centos6

Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2014:0139 centos6 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2014-0020

The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service application crash via a crafted message...

DEBIAN-CVE-2012-6152

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...

CVE-2012-6152

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...

CVE-2012-6152

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...

CVE-2012-6152

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...

CVE-2012-6152

CVE-2012-6152 affects Pidgin’s Yahoo! protocol plugin (libpurple) before 2.10.8. The vulnerability arises from improper validation of UTF-8 data, enabling a remote attacker to crash the application (DoS) via crafted byte sequences. Affected: Pidgin/libpurple up to version 2.10.7.x; remediator: up...

pidgin: DoS via multiple null pointer dereferences in MSN protocol plugin

Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service NULL pointer dereference and crash via a crafted 1 SOAP response, 2 OIM XML response, or 3 Content-Length header...

pidgin: DoS when decoding non-UTF-8 strings in Yahoo protocol plugin

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...