Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1746-1
HistoryFeb 25, 2013 - 12:00 a.m.

Pidgin vulnerabilities

2013-02-2500:00:00
ubuntu.com
27

6.7 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

Releases

  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 11.10
  • Ubuntu 10.04

Packages

  • pidgin - graphical multi-protocol instant messaging client for X

Details

Chris Wysopal discovered that Pidgin incorrectly handled file transfers in
the MXit protocol handler. A remote attacker could use this issue to create
or overwrite arbitrary files. This issue only affected Ubuntu 11.10,
Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0271)

It was discovered that Pidgin incorrectly handled long HTTP headers in the
MXit protocol handler. A malicious remote server could use this issue to
execute arbitrary code. (CVE-2013-0272)

It was discovered that Pidgin incorrectly handled long user IDs in the
Sametime protocol handler. A malicious remote server could use this issue
to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-0273)

It was discovered that Pidgin incorrectly handled long strings when
processing UPnP responses. A remote attacker could use this issue to cause
Pidgin to crash, resulting in a denial of service. (CVE-2013-0274)

OSVersionArchitecturePackageVersionFilename
Ubuntu12.10noarchpidgin<Β 1:2.10.6-0ubuntu2.2UNKNOWN
Ubuntu12.10noarchfinch<Β 1:2.10.6-0ubuntu2.2UNKNOWN
Ubuntu12.10noarchlibpurple0<Β 1:2.10.6-0ubuntu2.2UNKNOWN
Ubuntu12.10noarchpidgin-dbg<Β 1:2.10.6-0ubuntu2.2UNKNOWN
Ubuntu12.04noarchpidgin<Β 1:2.10.3-0ubuntu1.3UNKNOWN
Ubuntu12.04noarchfinch<Β 1:2.10.3-0ubuntu1.3UNKNOWN
Ubuntu12.04noarchlibpurple0<Β 1:2.10.3-0ubuntu1.3UNKNOWN
Ubuntu12.04noarchpidgin-dbg<Β 1:2.10.3-0ubuntu1.3UNKNOWN
Ubuntu11.10noarchpidgin<Β 1:2.10.0-0ubuntu2.2UNKNOWN
Ubuntu11.10noarchfinch<Β 1:2.10.0-0ubuntu2.2UNKNOWN
Rows per page:
1-10 of 161

Related

openvas 19
nessus 14
freebsd 1
suse 4
securityvulns 2
slackware 1
centos 1
veracode 3
redhat 1
oraclelinux 1
seebug 2
prion 4
debiancve 4
cve 4
ubuntucve 4
gentoo 1
openvas
openvas
Pidgin Multiple Denial of Service Vulnerabilities -Feb13 (Windows)
2013-02-20 00:00:00
Ubuntu Update for pidgin USN-1746-1
2013-03-01 00:00:00
SuSE Update for pidgin openSUSE-SU-2013:0511-1 (pidgin)
2013-12-10 00:00:00
nessus
nessus
FreeBSD : libpurple -- multiple vulnerabilities (549787c1-8916-11e2-8549-68b599b52a02)
2013-03-11 00:00:00
Slackware 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : pidgin (SSA:2013-044-01)
2013-02-14 00:00:00
SuSE 11.2 Security Update : pidgin (SAT Patch Number 7429)
2013-03-05 00:00:00
freebsd
freebsd
libpurple -- multiple vulnerabilities
2013-02-13 00:00:00
suse
suse
pidgin: 2.10.7 update to fix security issues and bugs (important)
2013-03-21 08:04:39
Security update for pidgin (important)
2013-03-04 23:04:31
pidgin: various security fixes (important)
2013-03-07 14:04:27
securityvulns
securityvulns
Pidgin multiple security vulnerabilities
2013-02-18 00:00:00
[slackware-security] pidgin &#40;SSA:2013-044-01&#41;
2013-02-18 00:00:00
slackware
slackware
pidgin
2013-02-13 22:49:06
centos
centos
finch, libpurple, pidgin security update
2013-03-14 19:12:09
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:44:07
Denial Of Service (DoS)
2019-05-02 04:44:07
Arbitrary Code Execution
2019-01-15 09:00:38
redhat
redhat
(RHSA-2013:0646) Moderate: pidgin security update
2013-03-14 00:00:00
oraclelinux
oraclelinux
pidgin security update
2013-03-14 00:00:00
seebug
seebug
Pidgin 'libpurple' δ»»ζ„ζ–‡δ»Άθ¦†η›–ζΌζ΄ž(CVE-2013-0271)
2013-03-10 00:00:00
Pidgin 'libpurple' HTTPζ ‡ε€΄ζ ˆηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž(CVE-2013-0272)
2013-03-10 00:00:00
prion
prion
Code injection
2013-02-16 21:55:00
Code injection
2013-02-16 21:55:00
Buffer overflow
2013-02-16 21:55:00
debiancve
debiancve
CVE-2013-0271
2013-02-16 21:55:00
CVE-2013-0274
2013-02-16 21:55:00
CVE-2013-0272
2013-02-16 21:55:00
cve
cve
CVE-2013-0271
2013-02-16 21:55:00
CVE-2013-0274
2013-02-16 21:55:00
CVE-2013-0272
2013-02-16 21:55:00
ubuntucve
ubuntucve
CVE-2013-0271
2013-02-16 00:00:00
CVE-2013-0274
2013-02-16 00:00:00
CVE-2013-0272
2013-02-16 00:00:00
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2014-05-18 00:00:00

6.7 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON
Related for USN-1746-1
openvas19nessus14freebsd1suse4securityvulns2slackware1centos1veracode3redhat1oraclelinux1seebug2prion4debiancve4cve4ubuntucve4gentoo1