225 matches found
EUVD-2011-4527
Malware in sbrugna...
EUVD-2005-2810
Malware in sbrugna...
EUVD-2011-3553
Malware in sbrugna...
EUVD-2008-7118
Malware in sbrugna...
EUVD-2009-3035
Malware in sbrugna...
EUVD-2009-3146
Malware in sbrugna...
EUVD-2008-1236
Malware in sbrugna...
EUVD-2007-3712
Malware in sbrugna...
SUSE CVE-2003-1439
Secure Internet Live Conferencing SILC 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information...
SUSE CVE-2007-1327
The SILCSERVERCMDFUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service NULL dereference and daemon crash via a request without a cipher algorithm and an invalid HMAC algorithm...
SUSE CVE-2007-3728
Buffer overflow in lib/silcclient/clientnotify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICKCHANGE" notifications...
SUSE CVE-2008-1227
Stack-based buffer overflow in the silcfingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing SILC Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via long input data. NOTE...
SUSE CVE-2008-1429
Secure Internet Live Conferencing SILC Server before 1.1.1 allows remote attackers to cause a denial of service daemon crash via a NEWCLIENT packet without a nickname...
SUSE CVE-2008-1552
The silcpkcs1decode function in the silccrypt library silcpkcs1.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS1 message, which triggers an integer...
SUSE CVE-2008-7159
The silcasn1encoder function in lib/silcasn1/silcasn1encode.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string...
SUSE CVE-2008-7160
The silchttpserverparse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing SILC Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header,...
SUSE CVE-2009-3051
Multiple format string vulnerabilities in lib/silcclient/cliententry.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the 1...
SUSE CVE-2011-3594
The gmarkupescapetext function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service crash via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, relate...
SUSE CVE-2011-4603
The silcchannelmessage function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service application crash via a crafted message, a different vulnerability...
Denial Of Service (DoS)
pidgin is vulnerable to denial of service. An input sanitization flaw was found in the way the Pidgin SILC Secure Internet Live Conferencing protocol plug-in escaped certain UTF-8 characters in channel messages. A remote attacker could use this flaw to crash Pidgin via a specially-crafted SILC...