40 matches found
EUVD-2012-6008
Malware in sbrugna...
Oracle Linux 6 : pidgin (ELSA-2011-0616)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0616 advisory. - Add patch for CVE-2011-1091 RH bug 683031. - Remove patches now included upstream: pidgin-2.6.6-clientLogin-proxy-fix.patch...
SUSE CVE-2011-1091
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows 1 remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a malformed YMSG notification packet, and allows 2 remote Yahoo! servers to cause a denial of...
SUSE CVE-2012-6152
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
Denial Of Service (DoS)
pidgin is vulnerable to denial of service DoS attacks. The vulnerability exists as the Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
Updated pidgin packages fix CVE-2014-3775
Updated pidgin packages fix security vulnerability: It was discovered that libgadu incorrectly handled certain messages from file relay servers. A malicious remote server or a man in the middle could use this issue to cause applications using libgadu to crash, resulting in a denial of service, or...
MGASA-2014-0295 Updated pidgin packages fix CVE-2014-3775
Updated pidgin packages fix security vulnerability: It was discovered that libgadu incorrectly handled certain messages from file relay servers. A malicious remote server or a man in the middle could use this issue to cause applications using libgadu to crash, resulting in a denial of service, or...
Ubuntu: Security Advisory (USN-2100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2013-6481
libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service crash via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read...
CVE-2012-6152
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
DEBIAN-CVE-2012-6152
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
CVE-2012-6152
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
Design/Logic Flaw
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
CVE-2012-6152
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
CVE-2012-6152
CVE-2012-6152 affects Pidgin’s Yahoo! protocol plugin (libpurple) before 2.10.8. The vulnerability arises from improper validation of UTF-8 data, enabling a remote attacker to crash the application (DoS) via crafted byte sequences. Affected: Pidgin/libpurple up to version 2.10.7.x; remediator: up...
pidgin: DoS caused due to OOB read in Yahoo protocol plugin
libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service crash via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read...
pidgin: DoS when decoding non-UTF-8 strings in Yahoo protocol plugin
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...
Updated pidgin package fixes security vulnerabilities
Many places in the Yahoo! protocol plugin assumed incoming strings were UTF-8 and failed to transcode from non-UTF-8 encodings. This can lead to a crash when receiving strings that aren't UTF-8 CVE-2012-6152. A remote XMPP user can trigger a crash on some systems by sending a message with a...
MGASA-2014-0034 Updated pidgin package fixes security vulnerabilities
Many places in the Yahoo! protocol plugin assumed incoming strings were UTF-8 and failed to transcode from non-UTF-8 encodings. This can lead to a crash when receiving strings that aren't UTF-8 CVE-2012-6152. A remote XMPP user can trigger a crash on some systems by sending a message with a...
CVE-2012-6152
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service application crash via crafted byte sequences...