CVE-2009-1373

2009-05-2600:00:00

ubuntu.com

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.042 Low

EPSS

Percentile

92.2%

JSON

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly
Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary
code via vectors involving an outbound XMPP file transfer. NOTE: some of
these details are obtained from third party information.

Bugs

<https://bugs.launchpad.net/bugs/384222>

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchgaim< 1:1.5.0+1.5.1cvs20051015-1ubuntu10.2UNKNOWN
ubuntu8.04noarchpidgin< 1:2.4.1-1ubuntu2.4UNKNOWN
ubuntu8.10noarchpidgin< 1:2.5.2-0ubuntu1.2UNKNOWN
ubuntu9.04noarchpidgin< 1:2.5.5-1ubuntu8.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	gaim	< 1:1.5.0+1.5.1cvs20051015-1ubuntu10.2	UNKNOWN
ubuntu	8.04	noarch	pidgin	< 1:2.4.1-1ubuntu2.4	UNKNOWN
ubuntu	8.10	noarch	pidgin	< 1:2.5.2-0ubuntu1.2	UNKNOWN
ubuntu	9.04	noarch	pidgin	< 1:2.5.5-1ubuntu8.1	UNKNOWN