Pidgin vulnerabilities

2010-02-2200:00:00

ubuntu.com

7.6 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.229 Low

EPSS

Percentile

96.5%

JSON

Releases

Ubuntu 9.10
Ubuntu 9.04
Ubuntu 8.10
Ubuntu 8.04

Packages

pidgin -

Details

Fabian Yamaguchi discovered that Pidgin incorrectly validated all fields of
an incoming message in the MSN protocol handler. A remote attacker could
send a specially crafted message and cause Pidgin to crash, leading to a
denial of service. (CVE-2010-0277)

Sadrul Habib Chowdhury discovered that Pidgin incorrectly handled certain
nicknames in Finch group chat rooms. A remote attacker could use a
specially crafted nickname and cause Pidgin to crash, leading to a denial
of service. (CVE-2010-0420)

Antti Hayrynen discovered that Pidgin incorrectly handled large numbers of
smileys. A remote attacker could send a specially crafted message and cause
Pidgin to become unresponsive, leading to a denial of service.
(CVE-2010-0423)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchpidgin< 1:2.6.2-1ubuntu7.2UNKNOWN
Ubuntu9.10noarchfinch< 1:2.6.2-1ubuntu7.2UNKNOWN
Ubuntu9.10noarchlibpurple0< 1:2.6.2-1ubuntu7.2UNKNOWN
Ubuntu9.10noarchpidgin-dbg< 1:2.6.2-1ubuntu7.2UNKNOWN
Ubuntu9.04noarchpidgin< 1:2.5.5-1ubuntu8.6UNKNOWN
Ubuntu9.04noarchfinch< 1:2.5.5-1ubuntu8.6UNKNOWN
Ubuntu9.04noarchlibpurple0< 1:2.5.5-1ubuntu8.6UNKNOWN
Ubuntu9.04noarchpidgin-dbg< 1:2.5.5-1ubuntu8.6UNKNOWN
Ubuntu8.10noarchpidgin< 1:2.5.2-0ubuntu1.7UNKNOWN
Ubuntu8.10noarchfinch< 1:2.5.2-0ubuntu1.7UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	9.10	noarch	pidgin	< 1:2.6.2-1ubuntu7.2	UNKNOWN
Ubuntu	9.10	noarch	finch	< 1:2.6.2-1ubuntu7.2	UNKNOWN
Ubuntu	9.10	noarch	libpurple0	< 1:2.6.2-1ubuntu7.2	UNKNOWN
Ubuntu	9.10	noarch	pidgin-dbg	< 1:2.6.2-1ubuntu7.2	UNKNOWN
Ubuntu	9.04	noarch	pidgin	< 1:2.5.5-1ubuntu8.6	UNKNOWN
Ubuntu	9.04	noarch	finch	< 1:2.5.5-1ubuntu8.6	UNKNOWN
Ubuntu	9.04	noarch	libpurple0	< 1:2.5.5-1ubuntu8.6	UNKNOWN
Ubuntu	9.04	noarch	pidgin-dbg	< 1:2.5.5-1ubuntu8.6	UNKNOWN
Ubuntu	8.10	noarch	pidgin	< 1:2.5.2-0ubuntu1.7	UNKNOWN
Ubuntu	8.10	noarch	finch	< 1:2.5.2-0ubuntu1.7	UNKNOWN