Lucene search
UbuntuUSN-675-2HistoryNov 24, 2008 - 12:00 a.m.
Gaim vulnerability
2008-11-2400:00:00
ubuntu.com
46
7.4 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.107 Low
EPSS
Percentile
95.0%
Releases
- Ubuntu 6.06
Packages
- gaim -
Details
It was discovered that Gaim did not properly handle certain malformed
messages in the MSN protocol handler. A remote attacker could send a specially
crafted message and possibly execute arbitrary code with user privileges.
(CVE-2008-2927)
References
Related
openvas
openvas
Mandriva Update for pidgin MDVSA-2008:143 (pidgin)
2009-04-09 00:00:00
CentOS Update for pidgin CESA-2008:0584 centos4 i386
2009-02-27 00:00:00
Pidgin MSN SLP Message Integer Overflow Vulnerabilities (Windows)
2008-08-22 00:00:00
nessus
nessus
CentOS 3 / 4 / 5 : pidgin (CESA-2008:0584)
2008-07-10 00:00:00
Debian DSA-1610-1 : gaim - integer overflow
2008-07-16 00:00:00
openSUSE 10 Security Update : gaim (gaim-5421)
2008-09-12 00:00:00
oraclelinux
oraclelinux
pidgin security and bug fix update
2008-07-09 00:00:00
redhat
redhat
(RHSA-2008:0584) Important: pidgin security and bug fix update
2008-07-09 00:00:00
osv
osv
gaim - execution of arbitrary code
2008-07-15 00:00:00
pidgin - insufficient input sanitization
2009-08-19 00:00:00
pidgin - several vulnerabilities
2009-05-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Pidgin MSN MSNP2P Message Integer Overflow (CVE-2008-2927)
2009-12-21 00:00:00
securityvulns
securityvulns
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
2008-09-01 00:00:00
libpurple / Pidgin buffer overflow
2009-06-09 00:00:00
zdi
zdi
debian
debian
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code
2008-07-15 17:47:00
[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution
2009-08-19 22:33:52
[SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities
2009-05-22 20:04:22
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:25:52
centos
centos
finch, libpurple, pidgin security update
2008-07-09 10:20:19
prion
prion
Integer overflow
2008-07-07 23:41:00
Integer overflow
2009-05-26 15:30:00
cve
cve
CVE-2009-1376
2009-05-26 15:30:00
CVE-2008-2927
2008-07-07 23:41:00
debiancve
debiancve
CVE-2008-2927
2008-07-07 23:41:00
CVE-2009-1376
2009-05-26 15:30:00
ubuntucve
ubuntucve
CVE-2009-1376
2009-05-26 00:00:00
CVE-2008-2927
2008-07-07 00:00:00
coresecurity
coresecurity
Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
2009-08-18 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2008-11-24 00:00:00
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2009-01-20 00:00:00
Pidgin: Multiple vulnerabilities
2009-05-25 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: pidgin-2.5.6-1.fc10
2009-06-02 14:33:34
[SECURITY] Fedora 11 Update: pidgin-2.5.6-1.fc11
2009-06-02 14:28:31
[SECURITY] Fedora 9 Update: pidgin-2.5.6-1.fc9
2009-06-02 14:26:30
7.4 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.107 Low
EPSS
Percentile
95.0%
Related for USN-675-2