Lucene search
K
PidginLibpurple

7 matches found

CVE
CVE
added 2009/09/08 6:0 p.m.82 views

CVE-2009-2703

CVE-2009-2703 affects Pidgin (libpurple IRC protocol plug-in) where an IRC TOPIC message lacking a topic string can trigger a NULL pointer dereference, leading to a denial of service (application crash). This vulnerability is discussed in Red Hat/Oracle Linux advisories that upgrade Pidgin to ver...

5CVSS7.1AI score0.0192EPSS
CVE
CVE
added 2009/09/08 6:0 p.m.82 views

CVE-2009-3083

CVE-2009-3083 affects Pidgin (libpurple) MSN protocol plug-in. The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c can crash via a malformed MSNSLP invite when required fields are missing, causing a remote denial-of-service (NULL pointer dereference). Affected product: Pidgin prior to ...

5CVSS7.2AI score0.02683EPSS
CVE
CVE
added 2011/11/04 9:0 p.m.82 views

CVE-2011-3594

CVE-2011-3594 affects the Pidgin/libpurple SILC protocol plug-in (libpurple 2.10.0 and earlier). The issue: remote sending of certain SILC messages with invalid UTF-8 sequences can trigger use-after-free/invalid-pointer and out-of-bounds reads, crashing Pidgin. Public advisories show downstream p...

4.3CVSS7.2AI score0.03194EPSS
CVE
CVE
added 2009/09/08 6:0 p.m.68 views

CVE-2009-3085

CVE-2009-3085 affects Pidgin’s libpurple XMPP plugin. Root cause: a NULL pointer dereference when processing an IQ error response while fetching a custom smiley, leading to a remote denial of service (PIDGIN crash) via XHTML-IM content with cid: images. Affected versions are Pidgin before 2.6.2; ...

5CVSS7.2AI score0.0169EPSS
CVE
CVE
added 2009/09/08 6:0 p.m.62 views

CVE-2009-3084

The CVE affects the MSN protocol plugin in libpurple (used by Pidgin up to 2.6.1). The vulnerability is in msn_slp_process_msg when handling handwritten Ink messages, caused by an uninitialized variable and an incorrect UTF16-LE charset name, allowing a remote attacker to crash the application (d...

5CVSS7.1AI score0.02517EPSS
CVE
CVE
added 2011/08/29 5:0 p.m.55 views

CVE-2011-2943

Pidgin (libpurple IRC protocol plugin) is affected by CVE-2011-2943. The irc_msg_who handler in msgs.c fails to validate characters in nicknames, allowing user-assisted remote attackers to trigger a denial of service (NULL pointer dereference and crash). Affected versions are libpurple 2.8.0–2.9....

4.3CVSS6.3AI score0.03596EPSS
CVE
CVE
added 2011/01/07 11:0 a.m.54 views

CVE-2010-4528

The CVE-2010-4528 issue affects the MSN protocol plugin in libpurple used by Pidgin, specifically in directconn.c for Pidgin versions 2.7.6–2.7.8. The flaw allows remote authenticated users to trigger a denial-of-service via a short p2pv2 DirectConnect (direct connection) packet, resulting in a N...

4CVSS6.1AI score0.02548EPSS