Pidgin

Pidgin

86 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2009-3026

  • EPSS 0.53%
  • Published 31.08.2009 20:30:01
  • Last modified 09.04.2025 00:30:58

protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect t...

4.3

CVE-2009-3025

  • EPSS 0.69%
  • Published 31.08.2009 20:30:01
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM.

10

CVE-2009-2694

Exploit
  • EPSS 34.58%
  • Published 21.08.2009 11:02:41
  • Last modified 09.04.2025 00:30:58

The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory...

5

CVE-2009-1889

  • EPSS 3.24%
  • Published 01.07.2009 13:00:01
  • Last modified 09.04.2025 00:30:58

The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that trigge...

9.3

CVE-2009-1376

  • EPSS 25.89%
  • Published 26.05.2009 15:30:05
  • Last modified 09.04.2025 00:30:58

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remo...

7.1

CVE-2009-1373

  • EPSS 5.77%
  • Published 26.05.2009 15:30:05
  • Last modified 09.04.2025 00:30:58

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained fr...

5

CVE-2009-1374

  • EPSS 4.46%
  • Published 26.05.2009 15:30:05
  • Last modified 09.04.2025 00:30:58

Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.

5

CVE-2009-1375

  • EPSS 5.28%
  • Published 26.05.2009 15:30:05
  • Last modified 09.04.2025 00:30:58

The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1)...

6.8

CVE-2008-3532

Exploit
  • EPSS 3.45%
  • Published 08.08.2008 19:41:00
  • Last modified 09.04.2025 00:30:58

The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.

6.8

CVE-2008-2927

  • EPSS 6.33%
  • Published 07.07.2008 23:41:00
  • Last modified 09.04.2025 00:30:58

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to...