cpe:/a:pidgin:libpurple:2.7.6 cpe:/a:pidgin:libpurple:2.7.7 cpe:/a:pidgin:libpurple:2.7.8 cpe:/a:pidgin:pidgin:2.0.0 cpe:/a:pidgin:pidgin:2.0.1 cpe:/a:pidgin:pidgin:2.0.2 cpe:/a:pidgin:pidgin:2.1.0 cpe:/a:pidgin:pidgin:2.1.1 cpe:/a:pidgin:pidgin:2.2.0 cpe:/a:pidgin:pidgin:2.2.1 cpe:/a:pidgin:pidgin:2.2.2 cpe:/a:pidgin:pidgin:2.3.0 cpe:/a:pidgin:pidgin:2.3.1 cpe:/a:pidgin:pidgin:2.4.0 cpe:/a:pidgin:pidgin:2.4.1 cpe:/a:pidgin:pidgin:2.4.2 cpe:/a:pidgin:pidgin:2.4.3 cpe:/a:pidgin:pidgin:2.5.0 cpe:/a:pidgin:pidgin:2.5.1 cpe:/a:pidgin:pidgin:2.5.2 cpe:/a:pidgin:pidgin:2.5.3 cpe:/a:pidgin:pidgin:2.5.4 cpe:/a:pidgin:pidgin:2.5.5 cpe:/a:pidgin:pidgin:2.5.6 cpe:/a:pidgin:pidgin:2.5.7 cpe:/a:pidgin:pidgin:2.5.8 cpe:/a:pidgin:pidgin:2.5.9 cpe:/a:pidgin:pidgin:2.6.0 cpe:/a:pidgin:pidgin:2.6.1 cpe:/a:pidgin:pidgin:2.6.2 cpe:/a:pidgin:pidgin:2.6.4 cpe:/a:pidgin:pidgin:2.6.5 cpe:/a:pidgin:pidgin:2.6.6 cpe:/a:pidgin:pidgin:2.7.0 cpe:/a:pidgin:pidgin:2.7.1 cpe:/a:pidgin:pidgin:2.7.2 cpe:/a:pidgin:pidgin:2.7.3 cpe:/a:pidgin:pidgin:2.7.4 cpe:/a:pidgin:pidgin:2.7.5 cpe:/a:pidgin:pidgin:2.7.6 cpe:/a:pidgin:pidgin:2.7.7 cpe:/a:pidgin:pidgin:2.7.8 CVE-2010-4528 2011-01-07T07:00:49.577-05:00 2017-09-18T21:31:47.973-04:00 4.0 NETWORK LOW SINGLE_INSTANCE NONE NONE PARTIAL http://nvd.nist.gov 2011-01-07T09:10:00.000-05:00 SECUNIA 42732 SECUNIA 42824 SECUNIA 42877 BID 45581 VUPEN ADV-2011-0028 VUPEN ADV-2011-0054 VUPEN ADV-2011-0076 FEDORA FEDORA-2010-19314 FEDORA FEDORA-2010-19317 MANDRIVA MDVSA-2010:259 SUSE SUSE-SR:2011:001 MLIST [oss-security] 20101227 CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message MLIST [oss-security] 20101231 Re: CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message MLIST [support] 20101227 Pidgin 2.7.9 released CONFIRM http://developer.pidgin.im/viewmtn/revision/diff/e76f4ad4ef2f10588195a0eedc7a08f82062f79c/with/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031/libpurple/protocols/msn/directconn.c CONFIRM http://developer.pidgin.im/viewmtn/revision/info/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031 CONFIRM http://www.pidgin.im/news/security/?id=49 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=665421 directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnect (aka direct connection) session.