5

CVE-2012-1178

The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PidginPidgin Version <= 2.10.1
PidginPidgin Version2.0.0
PidginPidgin Version2.0.1
PidginPidgin Version2.0.2
PidginPidgin Version2.1.0
PidginPidgin Version2.1.1
PidginPidgin Version2.2.0
PidginPidgin Version2.2.1
PidginPidgin Version2.2.2
PidginPidgin Version2.3.0
PidginPidgin Version2.3.1
PidginPidgin Version2.4.0
PidginPidgin Version2.4.1
PidginPidgin Version2.4.2
PidginPidgin Version2.4.3
PidginPidgin Version2.5.0
PidginPidgin Version2.5.1
PidginPidgin Version2.5.2
PidginPidgin Version2.5.3
PidginPidgin Version2.5.4
PidginPidgin Version2.5.5
PidginPidgin Version2.5.6
PidginPidgin Version2.5.7
PidginPidgin Version2.5.8
PidginPidgin Version2.5.9
PidginPidgin Version2.6.0
PidginPidgin Version2.6.1
PidginPidgin Version2.6.2
PidginPidgin Version2.6.3
PidginPidgin Version2.6.4
PidginPidgin Version2.6.5
PidginPidgin Version2.6.6
PidginPidgin Version2.7.1
PidginPidgin Version2.7.2
PidginPidgin Version2.7.3
PidginPidgin Version2.7.4
PidginPidgin Version2.7.5
PidginPidgin Version2.7.6
PidginPidgin Version2.7.7
PidginPidgin Version2.7.8
PidginPidgin Version2.7.9
PidginPidgin Version2.7.10
PidginPidgin Version2.7.11
PidginPidgin Version2.8.0
PidginPidgin Version2.9.0
PidginPidgin Version2.10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.5% 0.827
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.mandriva.com/security/advisories?name=MDVSA-2012:029
http://developer.pidgin.im/ticket/14884
http://developer.pidgin.im/viewmtn/revision/diff/60f8379d0a610538cf42e0dd9ab1436c8b9308cd/with/3053d6a37cc6d8774aba7607b992a4408216adcd/libpurple/protocols/msn/oim.c
http://developer.pidgin.im/viewmtn/revision/info/3053d6a37cc6d8774aba7607b992a4408216adcd
http://pidgin.im/news/security/?id=61
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1102.html
http://secunia.com/advisories/50005
http://www.securityfocus.com/bid/52475
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18019