Lucene search
K

74 matches found

Cvelist
Cvelist
added 2011/10/23 10:0 a.m.26 views

CVE-2011-3635

Cross-site scripting XSS vulnerability in the themeadiumappendmessage function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias aka nickname...

5.3AI score0.01291EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2011/10/23 10:0 a.m.33 views

CVE-2011-4170

Cross-site scripting XSS vulnerability in the themeadiumappendmessage function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias aka nickname in a /me event, a different...

4.3CVSS5.4AI score0.00895EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2011/10/23 12:0 a.m.30 views

CVE-2011-4170

Cross-site scripting XSS vulnerability in the themeadiumappendmessage function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias aka nickname in a /me event, a different...

4.3CVSS6AI score0.00895EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2011/10/23 12:0 a.m.21 views

CVE-2011-3635

Cross-site scripting XSS vulnerability in the themeadiumappendmessage function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias aka nickname...

4.3CVSS6AI score0.01291EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2011/08/02 12:0 a.m.41 views

Adium 1.4.2 Cross Site Scripting

+-----------------------------------------------------------------------------+ | noptrix.net - Public Security Advisory | +-----------------------------------------------------------------------------+ Date: ----- 08/02/2011 Vendor: ------- Adium - http://www.adium.im/ Affected Software:...

Exploits0
n0where
n0where
added 2010/11/07 8:41 p.m.48 views

Injecting Fake Updates: Evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...

0.8AI score
Exploits0References1
securityvulns
securityvulns
added 2010/02/19 12:0 a.m.31 views

Pidgin / Adium messenger multiple security vulnerabilities

Memory corruption on SLP MSN messages parsing. Multiple DoS conditions...

5CVSS3.3AI score0.02875EPSS
Exploits1References1Affected Software2
RedHat Linux
RedHat Linux
added 2010/02/18 4:7 p.m.9 views

pidgin MSN protocol plugin memory corruption

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

5CVSS7.3AI score0.02312EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/01/14 4:47 p.m.4 views

pidgin/libpurple: MSN custom smiley request directory traversal file disclosure

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka custom smiley request, a related issue to CVE-2004-0122. NOTE: it cou...

7.5CVSS7.3AI score0.12496EPSS
Exploits5References4
securityvulns
securityvulns
added 2010/01/13 12:0 a.m.48 views

[ MDVSA-2010:002 ] pidgin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:002 http://www.mandriva.com/security/ Package : pidgin Date : January 11, 2010 Affected: 2010.0 Problem Description: A security vulnerability has been identified and fixed in pidgin: Directory traversal...

5CVSS7.6AI score0.22467EPSS
Exploits5
securityvulns
securityvulns
added 2010/01/13 12:0 a.m.44 views

libpurple / Pidgin / Adium directory traversal

emoticon download directory traversal...

5CVSS3.8AI score0.12496EPSS
Exploits5References1
OSV
OSV
added 2010/01/09 6:30 p.m.7 views

CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

8.4AI score
Exploits0References26
NVD
NVD
added 2010/01/09 6:30 p.m.19 views

CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

5CVSS8.3AI score0.02312EPSS
Exploits1References26
NVD
NVD
added 2010/01/09 6:30 p.m.21 views

CVE-2010-0013

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka custom smiley request, a related issue to CVE-2004-0122. NOTE: it cou...

7.5CVSS7.5AI score0.12496EPSS
Exploits5References24
OSV
OSV
added 2010/01/09 6:30 p.m.1 views

DEBIAN-CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

5CVSS7.7AI score0.02312EPSS
Exploits1References1
Prion
Prion
added 2010/01/09 6:30 p.m.22 views

Directory traversal

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka custom smiley request, a related issue to CVE-2004-0122. NOTE: it cou...

5CVSS6.8AI score0.22467EPSS
Exploits5References24Affected Software7
Prion
Prion
added 2010/01/09 6:30 p.m.22 views

Memory corruption

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

5CVSS7.8AI score0.12496EPSS
Exploits6References26Affected Software2
Cvelist
Cvelist
added 2010/01/09 6:0 p.m.29 views

CVE-2010-0013

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka custom smiley request, a related issue to CVE-2004-0122. NOTE: it cou...

7.5AI score0.12496EPSS
Exploits5References24
Cvelist
Cvelist
added 2010/01/09 6:0 p.m.28 views

CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

8.4AI score0.02312EPSS
Exploits1References26
CVE
CVE
added 2010/01/09 6:0 p.m.88 views

CVE-2010-0277

CVE-2010-0277 concerns the MSN protocol plugin (libpurple/Pidgin) where, prior to versions around 2.6.6, a malformed MSNSLP INVITE in an SLP message could trigger a remote crash/memory corruption. Affected products and timelines in the provided documents show this as a remote crash/DoS vulnerabil...

5CVSS8.3AI score0.02312EPSS
Exploits1References26Affected Software2
Rows per page
Query Builder