Arbitrary Code Execution

pidgin is vulnerable to arbitrary code execution. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin...

RHEL 4 / 5 : pidgin (RHSA-2008:1023)

The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:1023 advisory. - pidgin: remote DoS via MSN message with crafted file name CVE-2008-2955 - pidgin: unrestricted download of arbitrary files triggered v...

MSN cross-site vulnerability analysis-vulnerability warning-the black bar safety net

As early as a few days ago, heard colleagues say,“friends msn send to a web page, enter the password, the results a few days later, the MSN password is wrong, could be stolen.” At that time also asked colleagues want the address, but he said address not found. A few days later a friend said to se...

CVE-2008-2955

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

CVE-2008-2955

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

CVE-2008-2955

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

Code injection

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

CVE-2008-2955

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

CVE-2008-2409

Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message...

Stack overflow

Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message...

CVE-2005-1934

Gaim before 1.3.1 allows remote attackers to cause a denial of service crash via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error...

CVE-2005-1262

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service application crash via a malformed MSN message...

CVE-2005-1262

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service application crash via a malformed MSN message...

CVE-2005-1262

CVE-2005-1262 affects Gaim 1.2.1 and earlier. The issue allows remote attackers to cause a denial of service (application crash) by sending a malformed MSN message. Connected sources corroborate a separate but related buffer/URL handling flaw (CVE-2005-1261) and indicate updated packages to fix b...

CVE-2005-1262

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service application crash via a malformed MSN message...