cpe:/a:pidgin:pidgin:2.0.0 CVE-2008-2957 2008-07-01T18:41:00.000-04:00 2017-09-28T21:31:26.427-04:00 6.4 NETWORK LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov 2008-07-02T09:17:00.000-04:00 BID 29985 SECUNIA 32859 SECUNIA 33102 MANDRIVA MDVSA-2009:025 REDHAT RHSA-2008:1023 UBUNTU USN-675-1 MLIST [oss-security] 20080627 CVE Request (pidgin) MISC http://crisp.cs.du.edu/?q=ca2007-1 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-493.htm The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.