EUVD-2016-5323

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-2371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory...

Linux Distros Unpatched Vulnerability : CVE-2016-2372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an...

Linux Distros Unpatched Vulnerability : CVE-2016-2380

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an...

Linux Distros Unpatched Vulnerability : CVE-2010-1624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of servi...

RHSA-2010:0115 Red Hat Security Advisory: pidgin security update

Bulletin has no description...

RHSA-2009:1218 Red Hat Security Advisory: pidgin security update

Bulletin has no description...

SUSE CVE-2010-1624

The msnemoticonmsg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a custom emoticon in a malformed SLP message...

Pidgin 2.13.0 - Denial of Service (PoC)

Pidgin 2.13.0 - Denial of Service PoC -- coding: utf-8 -- Exploit Title: Pidgin 2.13.0 - Denial of Service PoC Date: 24/05/2019 Author: Alejandra Sánchez Vendor Homepage: https://pidgin.im/ Software https://cfhcable.dl.sourceforge.net/project/pidgin/Pidgin/2.13.0/pidgin-2.13.0.exe Version: 2.13.0...

CVE-2016-2376

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet...

CVE-2014-3775

libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted message...

CVE-2013-6484

The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service out-of-bounds write operation and application crash by triggering a socket read error...

CVE-2013-6478

gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service application crash via a long URL that is examined with a tooltip...

CVE-2013-0272

Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header...

CVE-2011-4922

cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents...

CVE-2012-3374

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message...

CVE-2012-2318

msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service application crash by placing these characters in a text/plain message...

CVE-2011-4939

The pidginconvchatrenameuser function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash by changing a nickname while in an XMPP chat room...

CVE-2011-4602

The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in 1 voice-chat and 2 video-chat stanzas, which allows remote attackers to cause a denial of service application crash via a crafted message...

CVE-2011-3594

The gmarkupescapetext function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service crash via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, relate...