Lucene search

K
ubuntuUbuntuUSN-1273-1
HistoryNov 21, 2011 - 12:00 a.m.

Pidgin vulnerabilities

2011-11-2100:00:00
ubuntu.com
28

7.7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.096 Low

EPSS

Percentile

94.6%

Releases

  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04

Packages

  • pidgin - graphical multi-protocol instant messaging client for X

Details

Marius Wachtler discovered that Pidgin incorrectly handled malformed YMSG
messages in the Yahoo! protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. This issue only affected Ubuntu 10.04 LTS and 10.10.
(CVE-2011-1091)

Marius Wachtler discovered that Pidgin incorrectly handled HTTP 100
responses in the MSN protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. (CVE-2011-3184)

Diego Bauche Madero discovered that Pidgin incorrectly handled UTF-8
sequences in the SILC protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. (CVE-2011-3594)

OSVersionArchitecturePackageVersionFilename
Ubuntu11.04noarchpidgin< 1:2.7.11-1ubuntu2.1UNKNOWN
Ubuntu11.04noarchfinch< 1:2.7.11-1ubuntu2.1UNKNOWN
Ubuntu11.04noarchlibpurple0< 1:2.7.11-1ubuntu2.1UNKNOWN
Ubuntu11.04noarchpidgin-dbg< 1:2.7.11-1ubuntu2.1UNKNOWN
Ubuntu10.10noarchpidgin< 1:2.7.3-1ubuntu3.3UNKNOWN
Ubuntu10.10noarchfinch< 1:2.7.3-1ubuntu3.3UNKNOWN
Ubuntu10.10noarchlibpurple0< 1:2.7.3-1ubuntu3.3UNKNOWN
Ubuntu10.10noarchpidgin-dbg< 1:2.7.3-1ubuntu3.3UNKNOWN
Ubuntu10.04noarchpidgin< 1:2.6.6-1ubuntu4.4UNKNOWN
Ubuntu10.04noarchfinch< 1:2.6.6-1ubuntu4.4UNKNOWN
Rows per page:
1-10 of 121

7.7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.096 Low

EPSS

Percentile

94.6%