Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : pidgin vulnerabilities (USN-1746-1)

Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. CVE-2013-0271 It was discovered that Pidgi...

USN-1746-1: Pidgin vulnerabilities

Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. CVE-2013-0271 It was discovered that Pidgi...

CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

DEBIAN-CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

Code injection

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

CVE-2013-0273

CVE-2013-0273 affects sametime.c in the Sametime protocol plugin of libpurple/Pidgin up to version 2.10.7. The issue arises from improper termination of long user IDs, enabling a remote server to crash the application via a crafted packet (DoS). Public references in the connected documents confir...

CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

libpurple -- multiple vulnerabilities

Pidgin reports: libpurple Fix a crash when receiving UPnP responses with abnormally long values. MXit Fix two bugs where a remote MXit user could possibly specify a local file path to be written to. Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted da...

Fedora Update for pidgin FEDORA-2012-10287

Check for the Version of pidgin OpenVAS Vulnerability Test Fedora Update for pidgin FEDORA-2012-10287 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVE-2012-3308

Cross-site scripting XSS vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat...

CVE-2012-3308

IBM Sametime 8.0.2–8.5.2.1 is vulnerable to cross-site scripting (XSS) via an IM chat, per CVE-2012-3308. The connected documents confirm the affected version range and the basic impact (arbitrary script/HTML injection), but do not provide explicit root-cause details, affected component names, or...

CVE-2012-3308

Cross-site scripting XSS vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat...

[SECURITY] Fedora 16 Update: pidgin-2.10.5-1.fc16

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

Fedora Update for pidgin FEDORA-2012-8686

Check for the Version of pidgin OpenVAS Vulnerability Test Fedora Update for pidgin FEDORA-2012-8686 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

[SECURITY] Fedora 15 Update: pidgin-2.10.4-1.fc15

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

IBM Lotus Sametime配置Servlet验证安全绕过漏洞

Bugtraq ID: 50410 CVE ID：CVE-2011-1370 IBM Lotus Sametime Server是一款实时协作和网络会议解决方案。 IBM Lotus Sametime配置servlet没有对请求进行正确验证，远程攻击者可利用漏洞获得对某些配置数据的读访问，导致敏感信息泄露。 IBM Lotus Sametime 8.5.1 IBM Lotus Sametime 8.0.2 IBM Lotus Sametime 8.0.1 IBM Lotus Sametime 7.5.1 FP 1 IBM Lotus Sametime 7.5.1 IBM Lotus...