5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
pidgin is vulnerable to denial of service (DoS). The vulnerability exists as a flaw was found in the way Pidginβs PurpleCircBuffer object is expanded. If the buffer is full when more data arrives, the data stored in this buffer becomes corrupted. This corrupted data could result in confusing or misleading data being presented to the user, or possibly crash Pidgin.
debian.org/security/2009/dsa-1805
osvdb.org/54649
secunia.com/advisories/35188
secunia.com/advisories/35194
secunia.com/advisories/35202
secunia.com/advisories/35215
secunia.com/advisories/35294
secunia.com/advisories/35329
www.gentoo.org/security/en/glsa/glsa-200905-07.xml
www.mandriva.com/security/advisories?name=MDVSA-2009:173
www.pidgin.im/news/security/?id=31
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-1060.html
www.securityfocus.com/bid/35067
www.ubuntu.com/usn/USN-781-1
www.vupen.com/english/advisories/2009/1396
access.redhat.com/errata/RHSA-2009:1060
bugzilla.redhat.com/show_bug.cgi?id=500491
exchange.xforce.ibmcloud.com/vulnerabilities/50683
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10829
www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html