5

CVE-2013-6479

util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PidginPidgin Version <= 2.10.7
PidginPidgin Version2.0.0
PidginPidgin Version2.0.1
PidginPidgin Version2.0.2
PidginPidgin Version2.1.0
PidginPidgin Version2.1.1
PidginPidgin Version2.2.0
PidginPidgin Version2.2.1
PidginPidgin Version2.2.2
PidginPidgin Version2.3.0
PidginPidgin Version2.3.1
PidginPidgin Version2.4.0
PidginPidgin Version2.4.1
PidginPidgin Version2.4.2
PidginPidgin Version2.4.3
PidginPidgin Version2.5.0
PidginPidgin Version2.5.1
PidginPidgin Version2.5.2
PidginPidgin Version2.5.3
PidginPidgin Version2.5.4
PidginPidgin Version2.5.5
PidginPidgin Version2.5.6
PidginPidgin Version2.5.7
PidginPidgin Version2.5.8
PidginPidgin Version2.5.9
PidginPidgin Version2.6.0
PidginPidgin Version2.6.1
PidginPidgin Version2.6.2
PidginPidgin Version2.6.3
PidginPidgin Version2.6.4
PidginPidgin Version2.6.5
PidginPidgin Version2.6.6
PidginPidgin Version2.7.0
PidginPidgin Version2.7.1
PidginPidgin Version2.7.2
PidginPidgin Version2.7.3
PidginPidgin Version2.7.4
PidginPidgin Version2.7.5
PidginPidgin Version2.7.6
PidginPidgin Version2.7.7
PidginPidgin Version2.7.8
PidginPidgin Version2.7.9
PidginPidgin Version2.7.10
PidginPidgin Version2.7.11
PidginPidgin Version2.8.0
PidginPidgin Version2.9.0
PidginPidgin Version2.10.0
PidginPidgin Version2.10.1
PidginPidgin Version2.10.2
PidginPidgin Version2.10.3
PidginPidgin Version2.10.4
PidginPidgin Version2.10.5
PidginPidgin Version2.10.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.64% 0.696
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P