CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple integer overflows in the msnslplinkprocessmsg functions in the MSN protocol handler in 1 libpurple/protocols/msn/slplink.c and 2 libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message wi...

6.8CVSS8.1AI score0.06329EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 6:3 a.m.•1 views

SUSE CVE-2009-2694

The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash by sending multiple...

10CVSS8.1AI score0.34712EPSS

Exploits8References3

SUSE CVE•added 2023/02/15 6:1 a.m.•1 views

SUSE CVE-2010-0013

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka custom smiley request, a related issue to CVE-2004-0122. NOTE: it cou...

7.5CVSS6.9AI score0.12845EPSS

Exploits5References6

SUSE CVE•added 2023/02/15 6:0 a.m.•2 views

SUSE CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

5CVSS7.7AI score0.08804EPSS

Exploits1References6

SUSE CVE•added 2023/02/15 5:50 a.m.•2 views

SUSE CVE-2011-3635

Cross-site scripting XSS vulnerability in the themeadiumappendmessage function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias aka nickname...

4.3CVSS5.9AI score0.0048EPSS

Exploits0References3

ThreatPost•added 2017/03/21 2:28 p.m.•35 views

Code Execution Vulnerability Found in Libpurple IM Library

A severe vulnerability has been disclosed in libpurple, the library used in the development of a number of popular instant messaging clients, including Pidgin and Adium for the macOS platform. Adium 1.5.10.2 is vulnerable and can be exploited to run arbitrary code remotely. A researcher who goes ...

7.5CVSS0.4AI score0.00788EPSS

Exploits0References7

ThreatPost•added 2014/11/10 10:48 a.m.•69 views

Pidgin 2.10.10 Patches SSL MiTM, DoS Vulnerabilities

A handful of security vulnerabilities were patched in the most recent release of the Pidgin open source instant messaging client, Pidgin 2.10.10, including a SSL/TLS certificate validation issue that could be exploited in man-in-the-middle attacks. Reported by Jacob Appelbaum of the Tor Project,...

6.4CVSS0.1AI score0.02136EPSS

Exploits0References6

seebug.org•added 2014/07/01 12:0 a.m.•27 views

Pidgin MSN <= 2.5.8 - Remote Code Execution Exploit

No description provided by source. / Pidgin MSN = 2.5.8 Remote Code Execution Pierre Nogues - [email protected] http://www.indahax.com/ Description: Pidgin is a multi-protocol Instant Messenger. This is an exploit for the vulnerability1 discovered in Pidgin by core-security2. The library libmsn us...

10CVSS7.6AI score0.34712EPSS

Exploits8

Metasploit•added 2012/03/17 5:22 a.m.•46 views

OS X Gather Adium Enumeration

This module will collect Adium's account plist files and chat logs from the victim's machine. There are three different actions you may choose: ACCOUNTS, CHATS, and ALL. Note that to use the 'CHATS' action, make sure you set the regex 'PATTERN' option in order to look for certain log names which...

7.2AI score

Exploits0