4 matches found
SUSE CVE-2009-3025
Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service crash via a link in a Yahoo IM...
Null pointer dereference
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows 1 remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a malformed YMSG notification packet, and allows 2 remote Yahoo! servers to cause a denial of...
CVE-2011-1091
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows 1 remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a malformed YMSG notification packet, and allows 2 remote Yahoo! servers to cause a denial of...
CVE-2009-3026
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption an...