OVALdb logo

Professional OVAL Repository

Skip Navigation LinksOVAL > OVAL Definitions

Search Conditions:  Product: pidgin

Page 1 of 25 (974 items)Prev1234567232425Next
OVALid 
Version 
Title 
Class 
Open filter row popup menu
Open filter row popup menu
Open filter row popup menu
xv
oval:org.mitre.oval:def:663738DSA-2038 pidgin -- several vulnerabilitiespatch
oval:org.mitre.oval:def:1361838DSA-1805-1 pidgin -- severalpatch
oval:org.mitre.oval:def:1260839USN-886-1 -- pidgin vulnerabilitiespatch
oval:org.mitre.oval:def:185064libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication supportvulnerability
oval:org.mitre.oval:def:184324Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927vulnerability
oval:org.mitre.oval:def:183884The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM clientvulnerability
oval:org.mitre.oval:def:183574libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996vulnerability
oval:org.mitre.oval:def:182614libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."vulnerability
oval:org.mitre.oval:def:182234cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contentsvulnerability
oval:org.mitre.oval:def:182014Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packetvulnerability
oval:org.mitre.oval:def:179724Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955vulnerability
oval:org.mitre.oval:def:177224Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party informationvulnerability
oval:org.mitre.oval:def:176204Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticonvulnerability
oval:ru.altx-soft.nix:def:1508010Обновление USN-1273-1 -- уязвимости Pidginpatch
oval:ru.altx-soft.nix:def:129988Обновление USN-1014-1 -- уязвимости pidginpatch
oval:ru.altx-soft.nix:def:138498Обновление USN-820-1 -- уязвимость pidginpatch
oval:ru.altx-soft.nix:def:134968Обновление USN-781-1 -- уязвимости pidginpatch
oval:ru.altx-soft.nix:def:178264Обновление USN-675-1 -- уязвимости pidginpatch
oval:ru.altx-soft.nix:def:135906Обновление DSA-2038-3 pidgin - несколько уязвимостейpatch
oval:ru.altx-soft.nix:def:1297Обновление DSA-1870-1 pidgin - недостаточная проверка входных данныхpatch
oval:org.mitre.oval:def:2177340RHSA-2011:1371: pidgin security update (Moderate)patch
oval:org.mitre.oval:def:2079054RHSA-2012:1102: pidgin security update (Moderate)patch
oval:ru.altx-soft.nix:def:18373Обновление RHSA-2011:1821: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:18833Обновление RHSA-2011:1371: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:19773Обновление RHSA-2011:1820: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:22964Обновление USN-2100-1 -- уязвимости pidginpatch
oval:org.mitre.oval:def:2357226ELSA-2011:0616: pidgin security and bug fix update (Low)patch
oval:org.mitre.oval:def:2348519ELSA-2010:0890: pidgin security update (Moderate)patch
oval:org.mitre.oval:def:2342029ELSA-2011:1820: pidgin security update (Moderate)patch
oval:org.mitre.oval:def:2297518ELSA-2009:1536: pidgin security update (Moderate)patch
oval:org.mitre.oval:def:2274030ELSA-2008:1023: pidgin security and bug fix update (Moderate)patch
oval:ru.altx-soft.nix:def:30321Обновление ELSA-2011:1821: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:31641Обновление ELSA-2010:0890: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:32211Обновление ELSA-2011:1820: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:36221Обновление ELSA-2010:0044: устранение уязвимостей в pidgin (важное)patch
oval:ru.altx-soft.nix:def:36531Обновление ELSA-2009:1536: устранение уязвимостей в pidgin (умеренное)patch
oval:ru.altx-soft.nix:def:38421Обновление ELSA-2009:1218: устранение уязвимостей в pidgin (критичное)patch
oval:ru.altx-soft.nix:def:40871Обновление ELSA-2008:0584: устранение уязвимостей и ошибок в pidgin (важное)patch
oval:org.mitre.oval:def:2690015DSA-3055-1 pidgin - security updatepatch
oval:ru.altx-soft.win:def:336843Отказ в обслуживании в Yahoo плагине протокола в libpurple в Pidgin (CVE-2012-6152)vulnerability
Page 1 of 25 (974 items)Prev1234567232425Next

company ALTEX-SOFT 2008-2019, © ZAO ALTEX-SOFT , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.