Search CVE reports


Toggle filters

41 – 50 of 91 results


CVE-2013-6477

Medium priority

Some fixes available 3 of 4

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2013-0274

Medium priority

Some fixes available 4 of 5

upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2013-0273

Medium priority

Some fixes available 4 of 5

sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2013-0272

Medium priority

Some fixes available 4 of 5

Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2013-0271

Medium priority

Some fixes available 3 of 4

The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2012-6152

Medium priority

Some fixes available 3 of 4

The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2012-3374

Medium priority

Some fixes available 4 of 5

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2012-2369

Low priority

Some fixes available 4 of 5

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string...

1 affected package

pidgin-otr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin-otr
Show less packages

CVE-2012-2318

Low priority

Some fixes available 4 of 5

msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a...

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages

CVE-2012-2214

Medium priority

Some fixes available 2 of 3

proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of...

1 affected package

pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pidgin
Show less packages