Search CVE reports
81 – 90 of 91 results
CVE-2009-1375
Medium priorityThe PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash)...
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2009-1374
Medium priorityBuffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2009-1373
Medium priorityBuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these...
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2008-3532
Low prioritySome fixes available 2 of 3
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2008-2927
Medium prioritySome fixes available 3 of 4
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow...
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2008-2957
Low prioritySome fixes available 2 of 3
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an...
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2008-2956
Low priority** DISPUTED ** Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream...
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2008-2955
Low prioritySome fixes available 2 of 3
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |
CVE-2007-4999
Low prioritylibpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | — |
CVE-2007-4996
Low prioritylibpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers...
2 affected packages
gaim, pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gaim | — | — | — | — | — |
pidgin | — | — | — | — | — |