17 matches found
Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64
A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service Pidgin crash. CVE-2009-1889 These updated packages also fix the...
CentOS Update for finch CESA-2009:1139 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : gaim (ZYPP Patch Number 6350)
malformed responses to file transfers could cause a buffer overflow in pidgin. CVE-2009-1373 - the fix against integer overflows in the msn protocol handling was incomplete. CVE-2009-1376 - certain ICQ message types could crash pidgin. CVE-2009-1889 %NASLMINLEVEL 70300 C Tenable Network Security,...
Mandriva Security Advisory MDVSA-2009:321 (pidgin)
The remote host is missing an update to pidgin announced via advisory MDVSA-2009:321. OpenVAS Vulnerability Test $Id: mdksa2009321.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:321 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
Security fix for the ALT Linux 5 package pidgin-mini version 2.5.8-alt1
July 10, 2009 Alexey Shabalin 2.5.8-alt1 - 2.5.8 - fixed CVE-2009-1889...
Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerability (USN-796-1)
Yuriy Kaminskiy discovered that Pidgin did not properly handle certain messages in the ICQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubunt...
Fedora Core 11 FEDORA-2009-7359 (pidgin)
The remote host is missing an update to pidgin announced via advisory FEDORA-2009-7359. OpenVAS Vulnerability Test $Id: fcore20097359.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7359 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...
Fedora Core 10 FEDORA-2009-7370 (pidgin)
The remote host is missing an update to pidgin announced via advisory FEDORA-2009-7370. OpenVAS Vulnerability Test $Id: fcore20097370.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7370 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...
CentOS Security Advisory CESA-2009:1139 (pidgin)
The remote host is missing updates to pidgin announced in advisory CESA-2009:1139. CESA-2009:1139 64374 2 $Id: ovcesa20091139.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1139 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Fedora Core 9 FEDORA-2009-7415 (pidgin)
The remote host is missing an update to pidgin announced via advisory FEDORA-2009-7415. OpenVAS Vulnerability Test $Id: fcore20097415.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7415 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...
Fedora 10 : pidgin-2.5.8-1.fc10 (2009-7370)
Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN, MySpace, XMPP - CVE-2009-1889 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 11 : pidgin-2.5.8-1.fc11 (2009-7359)
Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN, MySpace, XMPP - CVE-2009-1889 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Core 10 FEDORA-2009-7370 (pidgin)
The remote host is missing an update to pidgin announced via advisory FEDORA-2009-7370. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 11 FEDORA-2009-7359 (pidgin)
The remote host is missing an update to pidgin announced via advisory FEDORA-2009-7359. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-7415 (pidgin)
The remote host is missing an update to pidgin announced via advisory FEDORA-2009-7415. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service application crash via a crafted ICQ web message that triggers allocation of a large amount of memory...
CVE-2009-1889
CVE-2009-1889 affects Pidgin's OSCAR protocol implementation. A remote ICQ web message can be misinterpreted (ICQWebMessage vs ICQSMS), triggering large memory allocation and causing a denial of service (Pidgin crash). Documents consistently describe this DoS via crafted ICQ web messages and note...