(application crash) via a QQ packet (CVE-2009-1374). NOTE: some of these details are obtained from third partyīuffer overflow in the decrypt_out function in Pidgin (formerly Gaim)īefore 2.5.6 allows remote attackers to cause a denial of service (formerly Gaim) before 2.5.6 allows remote authenticated users toĮxecute arbitrary code via vectors involving an outbound XMPP file (CVE-2008-2957)īuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin The UPnP functionality in Pidgin 2.0.0, and possibly other versions,Īllows remote attackers to trigger the download of arbitrary filesĪnd cause a denial of service (memory or disk consumption) via a UDP (crash) via a long filename that contains certain characters, asĭemonstrated using an MSN message that triggers the crash in the Pidgin 2.4.1 allows remote attackers to cause a denial of service The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSLĬertificates, which makes it easier for remote attackers to trickĪ user into accepting an invalid server certificate for a spoofed Security vulnerabilities has been identified and fixed in pidgin: Mandriva Linux Security Advisory MDVSA-2009:321
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |