Download
| Alert*
oval:org.secpod.oval:def:106335
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ... oval:org.secpod.oval:def:106405 Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ... oval:org.secpod.oval:def:21527 The host is installed with Pidgin before 2.10.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted certificate. Successful exploitation allows attackers to spoof servers and obtain sensitive information. oval:org.secpod.oval:def:21528 The host is installed with Pidgin before 2.10.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a large length value in an emoticon response. Successful exploitation allows attackers to cause a denial of service (application cr ... oval:org.secpod.oval:def:21529 The host is installed with Pidgin before 2.10.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted server message. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:21530 The host is installed with Pidgin before 2.10.10 and is prone to an absolute path traversal vulnerability. A flaw is present in the application, which fails to properly handle a drive name in a tar archive of a smiley theme. Successful exploitation allows attackers to write to arbitrary files. oval:org.secpod.oval:def:21531 The host is installed with Pidgin before 2.10.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted XMPP message. Successful exploitation allows attackers to obtain sensitive information from process memory. oval:org.secpod.oval:def:52331 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:502115 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The following packages have been upgraded to a later upstream version: pidgin . Security Fix: * A denial of service flaw was found in the way Pidgin"s Mxit plug-in han ... oval:org.secpod.oval:def:1502005 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:107885 Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ... oval:org.secpod.oval:def:16812 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for HTTP responses that are inconsistent with the Content-Length header. Successful exploitation allows attackers to cause an ... oval:org.secpod.oval:def:16811 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly interact with underlying library support for wide Pango layouts. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16810 The host is installed with Pidgin before 2.10.8 and is prone to multiple integer signedness error vulnerabilities. The flaws are present in the application, which fails to handle a crafted timestamp value in an XMPP message. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:702265 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:1500125 Updated pidgin packages that fix three security issues are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:16809 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly validate UTF-8 data. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:601239 Multiple vulnerabilities have been discovered in pidgin, a multi-protocol instant messaging client. In addition to fixing the vulnerabilities, this revision specific to the oldstable distribution , reduces the supported protocols to: IRC, Jabber/XMPP, Sametime, and SIMPLE. Users of other protocols a ... oval:org.secpod.oval:def:701562 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:16822 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a negative Content-Length header. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:16821 The host is installed with Pidgin before 2.10.8 and is prone to integer signedness error vulnerability. A flaw is present in the application, which fails to properly handle a crafted emoticon value. Successful exploitation allows attackers to cause denial of service (segmentation fault). oval:org.secpod.oval:def:16820 The host is installed with Pidgin before 2.10.8 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a large Content-Length value. Successful exploitation allows attackers to have an unspecified impact. oval:org.secpod.oval:def:203036 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing ... oval:org.secpod.oval:def:1500373 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ... oval:org.secpod.oval:def:16816 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle message containing a file: URL that is improperly handled during construction of an explorer.exe command. Successful exploitation allo ... oval:org.secpod.oval:def:16815 The host is installed with Pidgin before 2.10.8 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle invalid chunk-size field in chunked transfer-coding data. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16814 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle sockets. Successful exploitation allows remote STUN servers to cause a denial of service (out-of-bounds write operation and applicatio ... oval:org.secpod.oval:def:16813 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether the from address in an iq reply is consistent with the to address in an iq request. Successful exploitation allows attacker ... oval:org.secpod.oval:def:16819 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted SOAP response, OIM XML response or Content-Length header. Successful exploitation allows attackers to cause a NULL pointer dereferenc ... oval:org.secpod.oval:def:16818 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a Yahoo! P2P message with a crafted length field. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16817 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly validate argument counts. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:701195 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:601212 Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client: CVE-2013-6477 Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. CVE-2013-6478 Pidgin could be crashed through overly ... oval:org.secpod.oval:def:9323 The host is installed with Pidgin before 2.10.7 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle crafted mxit or mxit/imagestrips pathname. Successful exploitation allows attackers to create or overwrite files. oval:org.secpod.oval:def:202642 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending ... oval:org.secpod.oval:def:9320 The host is installed with Pidgin before 2.10.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly terminate long strings in UPnP responses. Successful exploitation allows attackers to cause an application crash by leveraging access to the ... oval:org.secpod.oval:def:9321 The host is installed with Pidgin before 2.10.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly terminate long user IDs. Successful exploitation allows attackers to cause an application crash via a crafted packet. oval:org.secpod.oval:def:9322 The host is installed with Pidgin before 2.10.7 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long HTTP header. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:501186 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing ... oval:org.secpod.oval:def:501024 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending ... oval:org.secpod.oval:def:203026 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing ... oval:org.secpod.oval:def:202641 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending ... |