CVE-2013-0534

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory...

CVE-2013-0535

Multiple cross-site scripting XSS vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-0535

The CVE-2013-0535 entries describe multiple XSS vulnerabilities in IBM Sametime Classic Meeting Server, affecting versions 7.5.1.2 through 8.5.2.1. The issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. The connected records do not provide expl...

CVE-2013-0535

Multiple cross-site scripting XSS vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-0553

The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat...

CVE-2013-0533

Cross-site scripting XSS vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through 8.5.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through 8.5.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Command injection

The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat...

CVE-2013-0533

Cross-site scripting XSS vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through 8.5.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-0533

Technical details about CVE-2013-0533 are not publicly provided in the connected documents. The initial sources only reiterate the XSS vulnerability in IBM Sametime 8.0.2–8.5.2.1. Monitor for future updates.

CVE-2013-0553

CVE-2013-0553 affects IBM Sametime 8.5.1–8.5.2.1 (Sametime Connect, Advanced Connect, Advanced Web clients, and related products). The issue allows remote authenticated users to send commands to individual chat users or to all participants in a chat room via a crafted Sametime Instant Message. Th...

CVE-2013-0553

The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat...

pidgin: 2.10.7 update to fix security issues and bugs (important)

Pidgin was updated to 2.10.7 to fix various security issues and the bug that IRC did not work at all in 12.3. Changes: - Add pidgin-irc-sasl.patch: link irc module to SASL. Allows the IRC module to be loaded bnc806975. - Update to version 2.10.7 bnc804742: + Alien hatchery: - No changes + General...

Scientific Linux Security Update : pidgin on SL5.x, SL6.x i386/x86_64 (20130314)

A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially crafted HTTP request. CVE-2013-0272 A buffer overflow flaw was found in the Pidgin Sametime protocol plug-in. A...

pidgin: Meanwhile protocol missing nul termination of long Lotus Sametime usernames

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

FreeBSD : libpurple -- multiple vulnerabilities (549787c1-8916-11e2-8549-68b599b52a02)

Pidgin reports : libpurple Fix a crash when receiving UPnP responses with abnormally long values. MXit Fix two bugs where a remote MXit user could possibly specify a local file path to be written to. Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted...

SuSE Update for pidgin openSUSE-SU-2013:0407-1 (pidgin)

Check for the Version of pidgin OpenVAS Vulnerability Test $Id: gbsuse201304071.nasl 8650 2018-02-03 12:16:59Z teissa $ SuSE Update for pidgin openSUSE-SU-2013:0407-1 pidgin Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program ...

pidgin: various security fixes (important)

pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. CVE-2013-0274 - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. CVE-2013-0273 - Fix a bug where the MXit server or a man-in-the-middle could...

SuSE 10 Security Update : pidgin (ZYPP Patch Number 8475)

pidgin was updated to fix 4 security issues : - Fixed a crash when receiving UPnP responses with abnormally long values. CVE-2013-0274, bnc804742 - Fixed a crash in Sametime protocol when a malicious server sends us an abnormally long user ID. CVE-2013-0273, bnc804742 - Fixed a bug where the MXit...