217 matches found
Null pointer dereference
directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a short p2pv2 packet in a DirectConnect aka direct connection session...
CVE-2010-4528
directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a short p2pv2 packet in a DirectConnect aka direct connection session...
Ubuntu: Security Advisory (USN-1014-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : pidgin vulnerabilities (USN-1014-1)
Pierre Nogues discovered that Pidgin incorrectly handled malformed SLP messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10 and 10.04 LTS...
USN-1014-1: Pidgin vulnerabilities
Pierre Noguès discovered that Pidgin incorrectly handled malformed SLP messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10 and 10.04 LTS...
Mandriva Linux Security Advisory : pidgin (MDVSA-2010:002)
A security vulnerability has been identified and fixed in pidgin : Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka...
Debian Security Advisory DSA 2038-2 (pidgin)
The remote host is missing an update to pidgin announced via advisory DSA 2038-2. OpenVAS Vulnerability Test $Id: deb20382.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2038-2 pidgin Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
[Backports-security-announce] Security Update for pidgin
Jan Wagner uploaded a new package for pidgin which fixed the following security problem: CVE-2010-16241 It was discovered that the msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service application crash...
CVE-2010-1624
The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...
CVE-2010-1624
The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...
Null pointer dereference
The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...
CVE-2010-1624
The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...
CVE-2010-1624
The CVE-2010-1624 issue affects Pidgin (libpurple) MSN protocol plugin, specifically the msn_emoticon_msg function in slp.c. It allows remote authenticated users to trigger a denial of service via a specially crafted SLP message containing a malformed emoticon, causing a NULL pointer dereference ...
CVE-2010-1624
The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...
Debian: Security Advisory (DSA-2038-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 2038-1 (pidgin)
The remote host is missing an update to pidgin announced via advisory DSA 2038-1. OpenVAS Vulnerability Test $Id: deb20381.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2038-1 pidgin Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
[SECURITY] [DSA 2038-1] New pidgin packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2038-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 18, 2010 http://www.debian.org/security/faq -...
openSUSE Security Update : finch (finch-2032)
This update of pidgin fixes various security vulnerabilities - CVE-2010-0013: CVSS v2 Base Score: 4.3: Path Traversal CWE-22 Remote file disclosure vulnerability by using the MSN protocol. - CVE-2010-0277: CVSS v2 Base Score: 4.9: Resource Management Errors CWE-399 MSN protocol plugin in libpurpl...
SuSE 11 Security Update : pidgin (SAT Patch Number 2019)
This update of pidgin fixes various security vulnerabilities : - Remote file disclosure vulnerability by using the MSN protocol. CVE-2010-0013: CVSS v2 Base Score: 4.3 : Path Traversal CWE-22 - MSN protocol plugin in libpurple allowed remote attackers to cause a denial of service memory corruptio...
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : pidgin vulnerabilities (USN-902-1)
Fabian Yamaguchi discovered that Pidgin incorrectly validated all fields of an incoming message in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. CVE-2010-0277 Sadrul Habib Chowdhury discovered that...