21 matches found
EUVD-2014-3643
Malware in sbrugna...
EUVD-2014-3640
Malware in sbrugna...
EUVD-2009-2694
Malware in sbrugna...
EUVD-2014-0121
Malware in sbrugna...
EUVD-2010-0451
Malware in sbrugna...
CVE-2010-3088
The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0.2.1 and earlier for Pidgin allows remote attackers to execute arbitrary commands via shell metacharacters in a message...
Linux Distros Unpatched Vulnerability : CVE-2017-2640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash...
RHSA-2013:0646 Red Hat Security Advisory: pidgin security update
Bulletin has no description...
CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
SUSE-SU-2022:1665-1 Security update for pidgin
This update for pidgin fixes the following issues: - CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used bsc1199025...
pidgin: SSL/TLS plug-ins failed to check Basic Constraints
It was found that Pidgin's SSL/TLS plug-ins had a flaw in the certificate validation functionality. An attacker could use this flaw to create a fake certificate, that Pidgin would trust, which could be used to conduct man-in-the-middle attacks against Pidgin...
openSUSE Security Update : pidgin (openSUSE-2017-431)
This update for pidgin fixes the following issues : Feature update : - Update to GNOME 3.20.2 fate318572. Security issues fixed : - CVE-2017-2640: Fix an out of bounds memory read in purplemarkupunescapeentity. boo1028835 - CVE-2014-3698: remote information leak via crafted XMPP message boo902408...
SUSE-SU-2016:2416-1 Security update for pidgin
This update for pidgin fixes the following issues: Security issues fixed: - CVE-2016-2367: Fixed a MXIT Avatar Length Memory Disclosure Vulnerability bsc991715. - CVE-2016-2370: Fixed a MXIT Custom Resource Denial of Service Vulnerability bsc991712. - CVE-2016-2371: Fixed a MXIT Extended Profiles...
MGASA-2014-0425 Updated pidgin packages fix security vulnerabilities
In Pidgin before 2.10.10, both of libpurple's bundled SSL/TLS plugins one for GnuTLS and one for NSS failed to check that the Basic Constraints extension allowed intermediate certificates to act as CAs. This allowed anyone with any valid certificate to create a fake certificate for any arbitrary...
Pidgin < 2.10.10
Binary data 8575.prm...
CVE-2013-6485
Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service application crash or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data...
CVE-2013-0271
The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted 1 mxit or 2 mxit/imagestrips pathname...
CentOS Update for finch CESA-2009:1536 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Subject: BSA-008 Security Update for pidgin
Jan Wagner uploaded new packages for pidgin which fixed the following security problems: CVE-2010-3711 Fixes multiple remotely-triggered DoSes https://vulners.com/cve/CVE-2010-3711 For the lenny-backports distribution the problems have been fixed in version 2.7.3-1bpo50+2. For the unstable sid...
Pidgin < 2.6.5 Information Disclosure Vulnerability
Binary data 5298.prm...