EUVD-2010-0308

Malware in sbrugna...

CVE-2010-0277

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

Memory corruption

slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a...

Moderate: Red Hat Security Advisory: pidgin security update

Updated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on...

Mandrake Security Advisory MDVSA-2009:230 (pidgin)

The remote host is missing an update to pidgin announced via advisory MDVSA-2009:230. OpenVAS Vulnerability Test $Id: mdksa2009230.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:230 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

Pidgin MSN <= 2.5.8 Remote Code Execution Exploit

Exploit for windows platform in category remote exploits ================================================= Pidgin MSN = 2.5.8 Remote Code Execution Exploit ================================================= / Pidgin MSN = 2.5.8 Remote Code Execution Pierre Nogues Description: Pidgin is a...

Pidgin Libpurple库msn_slplink_process_msg()函数内存破坏漏洞

CVECAN ID: CVE-2009-2694 Pidgin是支持多种协议的即时通讯客户端。 Pidgin和其他一些即时消息客户端所使用的Libpurple库中存在内存破坏漏洞，远程攻击者可以通过向聊天客户端发送特制的MSNSLP报文触发这个漏洞，导致执行任意代码。 攻击需要发送两个连续的MSNSLP消息，第一个用于对slpmsg存储会话id，第二个用于触发漏洞，最终目标是到达msnslplinkprocessmsg中的memcpy调用。需要创建偏移为非0的MSNSLP消息，因为这个值是memcpy的目标。...

CVE-2009-2694

The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash by sending multiple...

CVE-2004-0891

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer...

gaim remotely exploitable vulnerabilities in MSN component

Sebastian Krahmer discovered several remotely exploitable buffer overflow vulnerabilities in the MSN component of gaim. In two places in the MSN protocol plugins object.c and slp.c, strncpy was used incorrectly; the size of the array was not checked before copying to it. Both bugs affect MSN's...