pidgin: DoS in IRC protocol plugin due to arguement parsing

The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service application crash via a crafted message...

pidgin: Possible spoofing using iq replies in XMPP protocol plugin

The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service NULL pointer dereference and...

pidgin: Heap-based buffer overflow in SIMPLE protocol plugin

The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow...

CVE-2012-6152

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...

CVE-2013-0273

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...

DSA-2509-1 pidgin - remote code execution

Bulletin has no description...

Fedora 17 : pidgin-2.10.2-1.fc17 (2012-4650)

version 2.10.2 03/14/2012 View all closed tickets for this release. General: Fix compilation when using binutils 2.22 and new GDK pixbuf. 14799 Fix compilation of the MXit protocol plugin with GLib 2.31. 14773 Pidgin: Add support for the GNOME3 Network dialog. 13882 Fix rare crash. 14392 Add...

DEBIAN-CVE-2012-1178

The msnoimreporttouser function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service application crash via an OIM message that lacks UTF-8 encoding...

CVE-2012-1178

The msnoimreporttouser function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service application crash via an OIM message that lacks UTF-8 encoding...

Pidgin XMPP And SILC Protocols Denial of Service Vulnerabilities (Windows)

This host is installed with Pidgin and is prone to denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpidginxmppandsilcprotocoldosvulnwin.nasl 7019 2017-08-29 11:51:27Z teissa $ Pidgin XMPP And SILC Protocols Denial of Service Vulnerabilities Windows Authors: Rachana Shetty...

DEBIAN-CVE-2011-4603

The silcchannelmessage function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service application crash via a crafted message, a different vulnerability...

CVE-2011-4603

The silcchannelmessage function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service application crash via a crafted message, a different vulnerability...

DEBIAN-CVE-2011-4602

The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in 1 voice-chat and 2 video-chat stanzas, which allows remote attackers to cause a denial of service application crash via a crafted message...

CVE-2011-4602

The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in 1 voice-chat and 2 video-chat stanzas, which allows remote attackers to cause a denial of service application crash via a crafted message...

DEBIAN-CVE-2011-3594

The gmarkupescapetext function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service crash via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, relate...

Mandriva Update for pidgin MDVSA-2011:132 (pidgin)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for pidgin MDVSA-2011:132 (pidgin)

Check for the Version of pidgin OpenVAS Vulnerability Test Mandriva Update for pidgin MDVSA-2011:132 pidgin Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Pidgin Libpurple Protocol Plugins Denial of Service Vulnerabilities (Windows)

This host is installed with Pidgin and is prone to denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbpidginlibpurpleprotocolpluginsdosvulnwin.nasl 7024 2017-08-30 11:51:43Z teissa $ Pidgin Libpurple Protocol Plugins Denial of Service Vulnerabilities Windows Authors: Rachana...

DEBIAN-CVE-2011-3184

The msnhttpconnparsedata function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service incorrect memory access and application crash via vectors involving a crafted...

Null pointer dereference

The ircmsgwho function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service NULL pointer dereference and application crash via a...