Denial Of Service (DoS)

2020-04-1000:53:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

pidgin is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the Pidgin MSN protocol plug-in processed custom emoticon messages. A remote attacker could use this flaw to crash Pidgin by sending specially-crafted emoticon messages during mutual communication.

CPENameOperatorVersion
pidgineq2.5.2__6.el5
pidgineq2.5.9__1.el5
pidgineq2.5.8__1.el5
pidgineq2.6.6__2.el4_8
pidgineq2.6.5__1.el5
pidgineq2.3.1__2.el4
pidgineq2.6.3__2.el4
pidgineq2.5.9__1.el4
pidgineq2.6.6__1.el4
pidgineq2.5.8__1.el4

Name	Operator	Version
pidgin	eq	2.5.2__6.el5
pidgin	eq	2.5.9__1.el5
pidgin	eq	2.5.8__1.el5
pidgin	eq	2.6.6__2.el4_8
pidgin	eq	2.6.5__1.el5
pidgin	eq	2.3.1__2.el4
pidgin	eq	2.6.3__2.el4
pidgin	eq	2.5.9__1.el4
pidgin	eq	2.6.6__1.el4
pidgin	eq	2.5.8__1.el4

Rows per page:

1-10 of 521

References

developer.pidgin.im/viewmtn/revision/diff/884d44222e8c81ecec51c25e07d005e002a5479b/with/894460d22c434e73d60b71ec031611988e687c8b/libpurple/protocols/msn/slp.c

developer.pidgin.im/viewmtn/revision/info/894460d22c434e73d60b71ec031611988e687c8b

secunia.com/advisories/39801

secunia.com/advisories/41899

www.mandriva.com/security/advisories?name=MDVSA-2010:097

www.pidgin.im/news/security/index.php?id=46

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2010-0788.html

www.securityfocus.com/bid/40138

www.ubuntu.com/usn/USN-1014-1

www.vupen.com/english/advisories/2010/1141

www.vupen.com/english/advisories/2010/2755

access.redhat.com/errata/RHSA-2010:0788