OVALdb logo

Professional OVAL Repository

Search Conditions:  Product: pidgin

Page 1 of 26 (1032 items)Предыдущая1234567242526Следующая
OVALid 
Version 
Title 
Class 
Open filter row popup menu
Open filter row popup menu
Open filter row popup menu
xv
oval:org.mitre.oval:def:832838DSA-1805 pidgin -- several vulnerabilitiespatch
oval:org.mitre.oval:def:822137DSA-1932 pidgin -- programming errorpatch
oval:org.mitre.oval:def:812938DSA-1870 pidgin -- insufficient input validationpatch
oval:org.mitre.oval:def:663739DSA-2038 pidgin -- several vulnerabilitiespatch
oval:org.mitre.oval:def:64354Pidgin before 2.6.2 allow denial of service via TOPIC messagevulnerability
oval:org.mitre.oval:def:64344Pidgin before 2.6.2 allow denial of service via XHTML-IM contentvulnerability
oval:org.mitre.oval:def:63384Pidgin before 2.6.2 allow denial of service via handwritten (aka Ink) messagevulnerability
oval:org.mitre.oval:def:63224Pidgin before 2.6.2 allow denial of service via SLP invite messagevulnerability
oval:org.mitre.oval:def:63204Pidgin before 2.5.9 allow denial of service via SLP (aka MSNSLP) messagesvulnerability
oval:org.mitre.oval:def:61674Pidgin 2.6.0 and prior allow to cause a denial of service via Yahoo IM.vulnerability
oval:org.mitre.oval:def:57574Pidgin 2.6.0 and prior does not follow the require TLS/SSL preferencevulnerability
oval:org.mitre.oval:def:1384940USN-820-1 -- pidgin vulnerabilitypatch
oval:org.mitre.oval:def:1368040USN-796-1 -- pidgin vulnerabilitypatch
oval:org.mitre.oval:def:1361839DSA-1805-1 pidgin -- severalpatch
oval:org.mitre.oval:def:1359040DSA-2038-3 pidgin -- severalpatch
oval:org.mitre.oval:def:1349840DSA-2038-2 pidgin -- severalpatch
oval:org.mitre.oval:def:1349640USN-781-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:1344439DSA-1932-1 pidgin -- programming errorpatch
oval:org.mitre.oval:def:1309839DSA-2038-1 pidgin -- severalpatch
oval:org.mitre.oval:def:1299840USN-1014-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:1292340USN-902-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:1286340DSA-1870-1 pidgin -- insufficient input validationpatch
oval:org.mitre.oval:def:1260840USN-886-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:123665Pidgin is installedinventory
oval:org.mitre.oval:def:1508041USN-1273-1 -- Pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:175227USN-548-1 -- pidgin vulnerabilitypatch
oval:org.mitre.oval:def:182918USN-1746-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:178268USN-675-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:177158USN-1500-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:185474The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP messagevulnerability
oval:org.mitre.oval:def:185064libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication supportvulnerability
oval:org.mitre.oval:def:184614directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnect (aka direct connection) sessionvulnerability
oval:org.mitre.oval:def:184324Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927vulnerability
oval:org.mitre.oval:def:184204The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted messagevulnerability
oval:org.mitre.oval:def:184084family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted (1) AIM or (2) ICQ message associated with buddy-list additionvulnerability
oval:org.mitre.oval:def:184064The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickname while in an XMPP chat roomvulnerability
oval:org.mitre.oval:def:184024libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS messagevulnerability
oval:org.mitre.oval:def:183884The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM clientvulnerability
oval:org.mitre.oval:def:183864The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathnamevulnerability
oval:org.mitre.oval:def:183594The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title elementvulnerability
Page 1 of 26 (1032 items)Предыдущая1234567242526Следующая

company ALTEX-SOFT 2008-2020, © AO ALTEX-SOFT , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.