Download
| Alert*
|
oval:org.secpod.oval:def:201571
Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messa ... oval:org.secpod.oval:def:201610 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messa ... oval:org.secpod.oval:def:6275 The host is installed with Pidgin before 2.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle canceled SOCKS5 connection attempts. Successful exploitation allows user-assisted remote authenticated users to cause application cras ... oval:org.secpod.oval:def:700930 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:106335 Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ... oval:org.secpod.oval:def:106405 Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ... oval:org.secpod.oval:def:16812 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for HTTP responses that are inconsistent with the Content-Length header. Successful exploitation allows attackers to cause an ... oval:org.secpod.oval:def:2189 The host is installed with Pidgin before 2.10.0 and is prone to NULL pointer dereference vulnerability. A flaw is present in the application, which is caused by an error in the IRC protocol plugin when handling WHO responses with special characters in the nicknames. Successful exploitation allow att ... oval:org.secpod.oval:def:16811 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly interact with underlying library support for wide Pango layouts. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16810 The host is installed with Pidgin before 2.10.8 and is prone to multiple integer signedness error vulnerabilities. The flaws are present in the application, which fails to handle a crafted timestamp value in an XMPP message. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16930 The host is installed with Pidgin before 2.7.10 and is prone to information disclosure vulnerability. The flaw is present in the cipher.c in the Cipher API in libpurple in Pidgin, which retains encryption-key data in process memory. Successful exploitation might allow local users to obtain sensitive ... oval:org.secpod.oval:def:16809 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly validate UTF-8 data. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:601239 Multiple vulnerabilities have been discovered in pidgin, a multi-protocol instant messaging client. In addition to fixing the vulnerabilities, this revision specific to the oldstable distribution , reduces the supported protocols to: IRC, Jabber/XMPP, Sametime, and SIMPLE. Users of other protocols a ... oval:org.secpod.oval:def:16822 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a negative Content-Length header. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:16821 The host is installed with Pidgin before 2.10.8 and is prone to integer signedness error vulnerability. A flaw is present in the application, which fails to properly handle a crafted emoticon value. Successful exploitation allows attackers to cause denial of service (segmentation fault). oval:org.secpod.oval:def:16816 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle message containing a file: URL that is improperly handled during construction of an explorer.exe command. Successful exploitation allo ... oval:org.secpod.oval:def:16815 The host is installed with Pidgin before 2.10.8 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle invalid chunk-size field in chunked transfer-coding data. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16814 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle sockets. Successful exploitation allows remote STUN servers to cause a denial of service (out-of-bounds write operation and applicatio ... oval:org.secpod.oval:def:2190 The host is installed with Pidgin before 2.10.0 and is prone to denial of service vulnerability. A flaw is present in the application, which is caused by an error in the MSN protocol when parsing HTTP 100 responses. Successful exploitation allows attackers to execute arbitrary code, this only affect ... oval:org.secpod.oval:def:16813 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether the from address in an iq reply is consistent with the to address in an iq request. Successful exploitation allows attacker ... oval:org.secpod.oval:def:16819 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted SOAP response, OIM XML response or Content-Length header. Successful exploitation allows attackers to cause a NULL pointer dereferenc ... oval:org.secpod.oval:def:2191 The host is installed with Pidgin before 2.10.0 and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused by an error related to file:// URIs. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:16818 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a Yahoo! P2P message with a crafted length field. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:16817 The host is installed with Pidgin before 2.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly validate argument counts. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:701195 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:7299 The host is installed with Pidgin before 2.10.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted inline image in a message. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:600846 Ulf Härnhammar found a buffer overflow in Pidgin, a multi protocol instant messaging client. The vulnerability can be exploited by an incoming message in the MXit protocol plugin. A remote attacker may cause a crash, and in some circumstances can lead to remote code execution. oval:org.secpod.oval:def:831 The host is installed with Pidgin and is prone to denial of service vulnerability. A flaw is present in directconn.c in the MSN protocol plugin in libpurple, which fails to handle short p2pv2 packets in a DirectConnect session. Successful exploitation could allow remote attackers to execute arbitrar ... oval:org.secpod.oval:def:202642 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending ... oval:org.secpod.oval:def:202405 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sendi ... oval:org.secpod.oval:def:1500125 Updated pidgin packages that fix three security issues are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:701562 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:203036 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing ... oval:org.secpod.oval:def:1500373 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ... oval:org.secpod.oval:def:601212 Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client: CVE-2013-6477 Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. CVE-2013-6478 Pidgin could be crashed through overly ... oval:org.secpod.oval:def:9323 The host is installed with Pidgin before 2.10.7 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle crafted mxit or mxit/imagestrips pathname. Successful exploitation allows attackers to create or overwrite files. oval:org.secpod.oval:def:9320 The host is installed with Pidgin before 2.10.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly terminate long strings in UPnP responses. Successful exploitation allows attackers to cause an application crash by leveraging access to the ... oval:org.secpod.oval:def:9321 The host is installed with Pidgin before 2.10.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly terminate long user IDs. Successful exploitation allows attackers to cause an application crash via a crafted packet. oval:org.secpod.oval:def:9322 The host is installed with Pidgin before 2.10.7 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long HTTP header. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:201442 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the Pidgin SILC protocol plug-in escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgi ... oval:org.secpod.oval:def:3518 The host is installed with Pidgin before 2.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle invalid UTF-8 data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3516 The host is installed with Pidgin before 2.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle invalid UTF-8 data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:201546 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the Pidgin SILC protocol plug-in escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgi ... oval:org.secpod.oval:def:533 The host is installed with Pidgin and is prone to denial of service vulnerability. A flaw is present in libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin, which fails to handle malformed YMSG SMS messages. Successful exploitation could allow remote attackers to cause a denial of service ... oval:org.secpod.oval:def:500115 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. Multiple NULL pointer dereference flaws were found in the way the Pidgin Yahoo! Messenger Protocol plug-in handled malformed YMSG packets. A remote attacker could use t ... oval:org.secpod.oval:def:500026 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the Pidgin SILC protocol plug-in escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgi ... oval:org.secpod.oval:def:202404 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sendi ... oval:org.secpod.oval:def:6232 The host is installed with Pidgin before 2.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted characters. Successful exploitation allows remote servers to cause application crash by placing these characters in a text/pla ... oval:org.secpod.oval:def:501024 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending ... oval:org.secpod.oval:def:500211 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messa ... oval:org.secpod.oval:def:500058 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messa ... oval:org.secpod.oval:def:202641 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending ... oval:org.secpod.oval:def:3639 The host is installed with Pidgin before 2.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to perform the expected UTF-8 validation on message data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3519 The host is installed with Pidgin before 2.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to ensure that the incoming message contained all required fields. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3517 The host is installed with Pidgin before 2.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to ensure that the incoming message contained all required fields. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3640 The host is installed with Pidgin before 2.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to perform the expected UTF-8 validation on message data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:202861 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messa ... oval:org.secpod.oval:def:501186 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing ... oval:org.secpod.oval:def:203026 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing ... oval:org.secpod.oval:def:4898 The host is installed with Pidgin before 2.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin. Successful exploitation could allow remote attackers to cause a denial of service ... oval:org.secpod.oval:def:4900 The host is installed with Pidgin before 2.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin. Successful exploitation could allow remote attackers to cause a denial of service ... oval:org.secpod.oval:def:4899 The host is installed with Pidgin before 2.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin. Successful exploitation could allow remote servers ... oval:org.secpod.oval:def:4901 The host is installed with Pidgin before 2.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin. Successful exploitation could allow remote servers ... oval:org.secpod.oval:def:500853 Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sendi ... oval:org.secpod.oval:def:7300 The host is installed with Pidgin before 2.10.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted inline image in a message. Successful exploitation allows remote attackers to execute arbitrary code. |
