Lucene search
Ubuntu.comUB:CVE-2008-2957HistoryJul 01, 2008 - 12:00 a.m.
CVE-2008-2957
2008-07-0100:00:00
ubuntu.com
ubuntu.com
6
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.044 Low
EPSS
Percentile
92.4%
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows
remote attackers to trigger the download of arbitrary files and cause a
denial of service (memory or disk consumption) via a UDP packet that
specifies an arbitrary URL.
Notes
| Author | Note |
|---|---|
| mdeslaur | UPnP is not in Dapper, no not affected |
Related
debian
debian
[Backports-security-announce] Security Update for pidgin
2008-10-27 19:16:04
[Backports-security-announce] Security Update for pidgin
2008-10-27 19:16:16
prion
prion
Design/Logic Flaw
2008-07-01 22:41:00
nvd
nvd
CVE-2008-2957
2008-07-01 22:41:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:29:13
debiancve
debiancve
CVE-2008-2957
2008-07-01 22:41:00
cve
cve
CVE-2008-2957
2008-07-01 22:41:00
cvelist
cvelist
CVE-2008-2957
2008-07-01 22:00:00
oraclelinux
oraclelinux
pidgin security and bug fix update
2008-12-15 00:00:00
redhat
redhat
(RHSA-2008:1023) Moderate: pidgin security and bug fix update
2008-12-15 00:00:00
openvas
openvas
CentOS Update for finch CESA-2008:1023 centos4 x86_64
2009-02-27 00:00:00
CentOS Update for finch CESA-2008:1023 centos4 i386
2009-02-27 00:00:00
Mandrake Security Advisory MDVSA-2009:025 (pidgin)
2009-01-26 00:00:00
nessus
nessus
Oracle Linux 4 : pidgin (ELSA-2008-1023)
2013-07-12 00:00:00
CentOS 4 / 5 : pidgin (CESA-2008:1023)
2008-12-23 00:00:00
Mandriva Linux Security Advisory : pidgin (MDVSA-2009:025)
2009-04-23 00:00:00
centos
centos
enscript, finch, libpurple, pidgin security update
2008-12-15 17:14:23
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2009-01-20 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2008-11-24 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.044 Low
EPSS
Percentile
92.4%
Related for UB:CVE-2008-2957