15 matches found
Denial Of Service (DoS)
Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response,...
openSUSE Security Update : pidgin / pidgin-branding-openSUSE (openSUSE-SU-2014:0239-1)
Update to version 2.10.8 bnc861019 : + General: Python build scripts and example plugins are now compatible with Python 3 pidgin.im15624. + libpurple : - Fix potential crash if libpurple gets an error attempting to read a reply from a STUN server CVE-2013-6484. - Fix potential crash parsing a...
KLA10433 Multiple vulnerabilities in Pidgin
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary programs and other unknown impact. Below is a complete list of vulnerabilities 1. Improper traffic restrictions can be exploited remotely via...
Fedora Update for pidgin FEDORA-2014-1999
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : pidgin-2.10.9-1.fc19 (2014-1999)
Update to 2.10.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...
[BSA-092] Security Update for pidgin
intrigeri uploaded new packages for pidgin which fixed the following security problems: CVE-2013-6477 Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. CVE-2013-6478 Pidgin could be crashed through overly wide...
CentOS Update for finch CESA-2014:0139 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for finch CESA-2014:0139 centos5
Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2014:0139 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for finch CESA-2014:0139 centos6
Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2014:0139 centos6 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2013-6479
util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service application crash via a crafted response...
CVE-2013-6479
The CVE-2013-6479 issue affects Pidgin/libpurple: util.c does not allocate memory correctly for HTTP responses that conflict with Content-Length, enabling a crafted response from a remote HTTP server to crash the application (DoS). Public records across vendors indicate this vulnerability was add...
CentOS 5 / 6 : pidgin (CESA-2014:0139)
Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...
finch, libpurple, pidgin security update
CentOS Errata and Security Advisory CESA-2014:0139 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVS...
CVE-2013-6479
util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service application crash via a crafted response...
pidgin
New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/pidgin-2.10.9-i486-1slack14.1.txz: Upgraded. This update fixes various security issues and other bugs. For...