9 matches found
SUSE CVE-2010-0420
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat MUC room is used, does not properly parse nicknames containing sequences, which allows remote attackers to cause a denial of service application crash via a crafted nickname...
SUSE CVE-2011-3635
Cross-site scripting XSS vulnerability in the themeadiumappendmessage function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias aka nickname...
CVE-2011-2191
Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...
CVE-2011-2943
The ircmsgwho function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
CVE-2011-2943
The ircmsgwho function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
Code injection
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat MUC room is used, does not properly parse nicknames containing sequences, which allows remote attackers to cause a denial of service application crash via a crafted nickname...
CVE-2010-0420
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat MUC room is used, does not properly parse nicknames containing sequences, which allows remote attackers to cause a denial of service application crash via a crafted nickname...
CVE-2005-1163
Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via 1 a crafted nickname or 2 a packet with a large amount of data...