4.3
CVE-2010-0420
- EPSS 2.88%
- Veröffentlicht 24.02.2010 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:07
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.88% | 0.85 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
http://secunia.com/advisories/38915
http://developer.pidgin.im/wiki/ChangeLog
http://www.mandriva.com/security/advisories?name=MDVSA-2010:085
http://www.vupen.com/english/advisories/2010/1020
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035332.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035347.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035409.html
http://secunia.com/advisories/38563
http://secunia.com/advisories/38640
http://secunia.com/advisories/38658
http://secunia.com/advisories/38712
http://www.mandriva.com/security/advisories?name=MDVSA-2010:041
http://www.securityfocus.com/bid/38294
http://www.ubuntu.com/usn/USN-902-1
http://www.vupen.com/english/advisories/2010/0413
https://rhn.redhat.com/errata/RHSA-2010-0115.html
http://pidgin.im/news/security/?id=44
http://secunia.com/advisories/39509
http://www.debian.org/security/2010/dsa-2038
http://www.osvdb.org/62439
http://www.vupen.com/english/advisories/2010/0914
https://bugzilla.redhat.com/show_bug.cgi?id=565786
https://exchange.xforce.ibmcloud.com/vulnerabilities/56399
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11485
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18230