Download
| Alert*
oval:org.secpod.oval:def:602812
It was discovered a vulnerability in Pidgin, a multi-protocol instant messaging client. A server controlled by an attacker can send an invalid XML that can trigger an out-of-bound memory access. This might lead to a crash or, in some extreme cases, to remote code execution in the client-side. oval:org.secpod.oval:def:52846 pidgin: graphical multi-protocol instant messaging client for X Pidgin could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:1800545 An out-of-bounds write vulnerability was found in purple_markup_unescape_entity. It can be triggered by sending invalid XMLentities separated by whitespace, eg "ஸ". In default installation, this can get called only when receiving data from a server. Fixed In Version pidgin 2.12.0 oval:org.secpod.oval:def:1800857 An out-of-bounds write vulnerability was found in purple_markup_unescape_entity. It can be triggered by sending invalid XML entities separated by whitespace, eg "ஸ". In default installation, this can get called only when receiving data from a server. Fixed In Version: pidgin 2.12.0 oval:org.secpod.oval:def:502115 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The following packages have been upgraded to a later upstream version: pidgin . Security Fix: * A denial of service flaw was found in the way Pidgin"s Mxit plug-in han ... oval:org.secpod.oval:def:1502005 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:40397 The host is installed with Pidgin before 2.12.0 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to properly handle a invalid xml. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:204666 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The following packages have been upgraded to a later upstream version: pidgin . Security Fix: * A denial of service flaw was found in the way Pidgin"s Mxit plug-in han ... oval:org.secpod.oval:def:703522 pidgin: graphical multi-protocol instant messaging client for X Pidgin could be made to crash or run programs if it received specially crafted network traffic. |