Lucene search
K

120 matches found

ThreatPost
ThreatPost
added 2010/05/04 2:13 p.m.10 views

IM Worm Spreading on Yahoo Messenger

A smiley-faced instant message with a photo link posing as if it’s from someone on your buddy list is actually spreading misery worldwide in the form of a worm on Yahoo Instant Messenger: The IM ultimately delivers a worm that allows an attacker to take over the victim’s machine, not to mention...

3AI score
Exploits0References2
OSV
OSV
added 2010/02/24 6:30 p.m.2 views

DEBIAN-CVE-2010-0423

gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service CPU consumption and application hang by sending many smileys in a 1 IM or 2 chat...

5CVSS6.8AI score0.02312EPSS
Exploits1References1
Cvelist
Cvelist
added 2010/02/24 6:0 p.m.30 views

CVE-2010-0423

gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service CPU consumption and application hang by sending many smileys in a 1 IM or 2 chat...

7.3AI score0.02312EPSS
Exploits1References26
Debian
Debian
added 2010/01/29 7:16 a.m.31 views

[Backports-security-announce] Security Update for pidgin

Jan Wagner uploaded a new package for pidgin which fixed the following security problem: CVE-2010-00131 and Debian Bug 5632062 It was discovered that Pidgin did not properly handle custom smiley requests in the MSN protocol handler. A remote attacker could send a specially crafted filename in a...

7.5CVSS2.7AI score0.12496EPSS
Exploits5
0day.today
0day.today
added 2010/01/19 12:0 a.m.34 views

Pidgin MSN <= 2.6.4 File Download Vulnerability

Exploit for unknown platform in category remote exploits =============================================== Pidgin MSN = 2.6.4 File Download Vulnerability =============================================== !/usr/bin/env python """ Pidgin MSN = 2.6.4 file download vulnerability Description: Pidgin is a...

7.1AI score0.12496EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2010/01/19 12:0 a.m.29 views

Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : pidgin vulnerabilities (USN-886-1)

It was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler. If a user were tricked into connecting to a malicious IRC server, an attacker could cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.1...

10CVSS8AI score0.20295EPSS
Exploits18References10
RedHat Linux
RedHat Linux
added 2009/09/21 3:34 p.m.5 views

Pidgin: NULL pointer dereference by processing a custom smiley (DoS)

The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...

5CVSS5.8AI score0.0169EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/09/15 12:0 a.m.27 views

Mandrake Security Advisory MDVSA-2009:230 (pidgin)

The remote host is missing an update to pidgin announced via advisory MDVSA-2009:230. OpenVAS Vulnerability Test $Id: mdksa2009230.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:230 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

10CVSS0.9AI score0.20295EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2009/09/14 12:0 a.m.32 views

Mandriva Linux Security Advisory : pidgin (MDVSA-2009:230)

Security vulnerabilities has been identified and fixed in pidgin : The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of...

10CVSS6.2AI score0.20295EPSS
Exploits10References8
OSV
OSV
added 2009/09/08 6:30 p.m.2 views

DEBIAN-CVE-2009-3085

The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...

5CVSS6.3AI score0.0169EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2009/09/08 12:0 a.m.26 views

CVE-2009-3085

The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...

5CVSS5.9AI score0.0169EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/04/25 4:0 p.m.22 views

CVE-2007-2248

Multiple cross-site scripting XSS vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in the groups module or 2 the smileyid parameter in the smileys modsettings module...

5.8AI score0.02313EPSS
Exploits1References9
Cvelist
Cvelist
added 2007/03/03 8:0 p.m.28 views

CVE-2007-1255

Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later...

8.1AI score0.00866EPSS
Exploits1References5
CVE
CVE
added 2006/12/14 2:0 a.m.59 views

CVE-2006-6541

Animated Smiley Generator is affected by a PHP remote file inclusion issue in signer/final.php, exploitable via a URL in the smiley parameter. The vulnerability arises in warez distributions; vendor-disputed claim suggests legitimate developer-provided software may be unaffected. Affected version...

7.5CVSS7.9AI score0.01785EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2006/12/14 12:0 a.m.4 views

PT-2006-7144 · Unknown · Animated Smiley Generator

Name of the Vulnerable Software and Affected Versions: Animated Smiley Generator affected versions not specified Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the smiley parameter. The vendor disputes this issue, stating it only affects War...

7.5CVSS7.6AI score0.01785EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2006/12/11 12:0 a.m.33 views

asg-rfi.txt

LiderHack.Org & Trtekforum.com script name : Animated Smiley Generator Version : All script sites : http://smileygenerator.us Dork : "Smileygenerator" Risk : High Found By : St@rExT Vulnerable file :final.php Error code : require"$smiley/cmd.php"; Exploit:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/12/09 12:0 a.m.30 views

Animated Smiley Generator File Include Vul.

LiderHack.Org & Trtekforum.com script name : Animated Smiley Generator Version : All script sites : http://smileygenerator.us Dork : "Smileygenerator" Risk : High Found By : St@rExT Vulnerable file :final.php Error code : require"$smiley/cmd.php"; Exploit:...

7.3AI score
Exploits0
NVD
NVD
added 2006/11/17 12:7 a.m.11 views

CVE-2006-5952

SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote attackers to execute arbitrary SQL commands via the Username field...

7.5CVSS8.4AI score0.01129EPSS
Exploits0References5
CVE
CVE
added 2006/11/17 12:0 a.m.37 views

CVE-2006-5952

The CVE-2006-5952 entry documents a SQL injection vulnerability in ASP Smiley 1.0, exploitable via the Username field in admin/default.asp. The underlying issue is an input-validated SQL query construction flaw that allows remote attackers to execute arbitrary SQL commands. Reported impact indica...

7.5CVSS8.8AI score0.01129EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2006/11/16 12:0 a.m.28 views

ASP Smiley 1.0 (default.asp) Login ByPass SQL Injection Vulnerability

No description provided by source. Title : ASP Smiley v1.0 default.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Example: http://target/path/admin/ UserName: ' union select 0,0,0,0,0,0,0,0 from categories """"""""""""""""""""" ajann,Turkey ... Im not Hacker!...

7.1AI score
Exploits0
Rows per page
Query Builder