299 matches found
CVE-2011-3692
NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step...
CVE-2011-3692
CVE-2011-3692 affects NetSaro Enterprise Messenger Server 2.0. The issue is information disclosure: the product stores cleartext console credentials in configuration.xml, allowing local users to read the file and decode credentials via base64. The NVD entry lists a low severity (CVSS v2 base scor...
Moderate: Red Hat Security Advisory: pidgin security update
Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
Ubuntu Update for pidgin vulnerabilities USN-1014-1
Ubuntu Update for Linux kernel vulnerabilities USN-1014-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10141.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for pidgin vulnerabilities USN-1014-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-1014-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1014-1: Pidgin vulnerabilities
Pierre Noguès discovered that Pidgin incorrectly handled malformed SLP messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10 and 10.04 LTS...
CentOS Update for finch CESA-2010:0788 centos4 i386
Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2010:0788 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
libpurple library / Pidgin DoS
Crash on base64 decoding in different protocols...
finch, libpurple, pidgin security update
CentOS Errata and Security Advisory CESA-2010:0788 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVS...
Moderate: Red Hat Security Advisory: pidgin security update
Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...
Debian DSA-2025-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does...
DSA-2025-1 icedove - several vulnerabilities
Bulletin has no description...
Mozilla Base64 decoding crash
Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...
[SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1931-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 08, 2009 http://www.debian.org/security/faq -...
SuSE 10 Security Update : libsoup (ZYPP Patch Number 6223)
Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0585 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
Mozilla Base64 decoding crash
Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...
Ubuntu 8.10 : gst-plugins-base0.10 vulnerability (USN-735-1)
It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges. Note that Tenable...
Mandrake Security Advisory MDVSA-2009:081 (libsoup)
The remote host is missing an update to libsoup announced via advisory MDVSA-2009:081. OpenVAS Vulnerability Test $Id: mdksa2009081.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:081 libsoup Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Mandrake Security Advisory MDVSA-2009:080 (glib2.0)
The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. OpenVAS Vulnerability Test $Id: mdksa2009080.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:080 glib2.0 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Mandrake Security Advisory MDVSA-2009:080 (glib2.0)
The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...