EUVD-2012-2360

Malware in sbrugna...

OPENSUSE-SU-2024:11173-1 pidgin-plugin-otr-4.0.2-3.18 on GA media

These are all security issues fixed in the pidgin-plugin-otr-4.0.2-3.18 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2015-8833

Use-after-free vulnerability in the createsmpdialog function in gtk-dialog.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item...

UBUNTU-CVE-2015-8833

Use-after-free vulnerability in the createsmpdialog function in gtk-dialog.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item...

DSA-3528-1 pidgin-otr - security update

Bulletin has no description...

Fedora Update for pidgin-otr FEDORA-2012-7948

Check for the Version of pidgin-otr OpenVAS Vulnerability Test Fedora Update for pidgin-otr FEDORA-2012-7948 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

DEBIAN-CVE-2012-2369

Format string vulnerability in the logmessagecb function in otr-plugin.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message...

(libpurple): Invalid UTF-8 string handling in OSCAR messages

familyfeedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service application crash via a crafted 1 AIM or 2 ICQ message associated with buddy-list addition...

pidgin: SILC remote crash on channel messages

The silcchannelmessage function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service application crash via a crafted message, a different vulnerability...

Pidgin: MSN SLP emoticon DoS (NULL pointer dereference)

The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...

[SECURITY] Fedora 11 Update: pidgin-sipe-1.9.1-1.fc11

A third-party plugin for the Pidgin multi-protocol instant messenger. It implements the extended version of SIP/SIMPLE used by various products: Microsoft Office Communications Server OCS 2007/2007 R2 and newer Microsoft Live Communications Server LCS 2003/2005 Reuters Messaging With this plugin...