120 matches found
IM Worm Spreading on Yahoo Messenger
A smiley-faced instant message with a photo link posing as if it’s from someone on your buddy list is actually spreading misery worldwide in the form of a worm on Yahoo Instant Messenger: The IM ultimately delivers a worm that allows an attacker to take over the victim’s machine, not to mention...
DEBIAN-CVE-2010-0423
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service CPU consumption and application hang by sending many smileys in a 1 IM or 2 chat...
CVE-2010-0423
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service CPU consumption and application hang by sending many smileys in a 1 IM or 2 chat...
[Backports-security-announce] Security Update for pidgin
Jan Wagner uploaded a new package for pidgin which fixed the following security problem: CVE-2010-00131 and Debian Bug 5632062 It was discovered that Pidgin did not properly handle custom smiley requests in the MSN protocol handler. A remote attacker could send a specially crafted filename in a...
Pidgin MSN <= 2.6.4 File Download Vulnerability
Exploit for unknown platform in category remote exploits =============================================== Pidgin MSN = 2.6.4 File Download Vulnerability =============================================== !/usr/bin/env python """ Pidgin MSN = 2.6.4 file download vulnerability Description: Pidgin is a...
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : pidgin vulnerabilities (USN-886-1)
It was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler. If a user were tricked into connecting to a malicious IRC server, an attacker could cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.1...
Pidgin: NULL pointer dereference by processing a custom smiley (DoS)
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...
Mandrake Security Advisory MDVSA-2009:230 (pidgin)
The remote host is missing an update to pidgin announced via advisory MDVSA-2009:230. OpenVAS Vulnerability Test $Id: mdksa2009230.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:230 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
Mandriva Linux Security Advisory : pidgin (MDVSA-2009:230)
Security vulnerabilities has been identified and fixed in pidgin : The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of...
DEBIAN-CVE-2009-3085
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...
CVE-2009-3085
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...
CVE-2007-2248
Multiple cross-site scripting XSS vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in the groups module or 2 the smileyid parameter in the smileys modsettings module...
CVE-2007-1255
Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later...
CVE-2006-6541
Animated Smiley Generator is affected by a PHP remote file inclusion issue in signer/final.php, exploitable via a URL in the smiley parameter. The vulnerability arises in warez distributions; vendor-disputed claim suggests legitimate developer-provided software may be unaffected. Affected version...
PT-2006-7144 · Unknown · Animated Smiley Generator
Name of the Vulnerable Software and Affected Versions: Animated Smiley Generator affected versions not specified Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the smiley parameter. The vendor disputes this issue, stating it only affects War...
asg-rfi.txt
LiderHack.Org & Trtekforum.com script name : Animated Smiley Generator Version : All script sites : http://smileygenerator.us Dork : "Smileygenerator" Risk : High Found By : St@rExT Vulnerable file :final.php Error code : require"$smiley/cmd.php"; Exploit:...
Animated Smiley Generator File Include Vul.
LiderHack.Org & Trtekforum.com script name : Animated Smiley Generator Version : All script sites : http://smileygenerator.us Dork : "Smileygenerator" Risk : High Found By : St@rExT Vulnerable file :final.php Error code : require"$smiley/cmd.php"; Exploit:...
CVE-2006-5952
SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote attackers to execute arbitrary SQL commands via the Username field...
CVE-2006-5952
The CVE-2006-5952 entry documents a SQL injection vulnerability in ASP Smiley 1.0, exploitable via the Username field in admin/default.asp. The underlying issue is an input-validated SQL query construction flaw that allows remote attackers to execute arbitrary SQL commands. Reported impact indica...
ASP Smiley 1.0 (default.asp) Login ByPass SQL Injection Vulnerability
No description provided by source. Title : ASP Smiley v1.0 default.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Example: http://target/path/admin/ UserName: ' union select 0,0,0,0,0,0,0,0 from categories """"""""""""""""""""" ajann,Turkey ... Im not Hacker!...