Pidgin Libpurple 2.7.3

CPE Details

Pidgin Libpurple 2.7.3
pidgin
libpurple
2.7.3
2011-11-07
19h34 +00:00
2011-11-09
19h46 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:pidgin:libpurple:2.7.3:*:*:*:*:*:*:*

Informations

Vendor

pidgin

Product

libpurple

Version

2.7.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2011-3594 2011-11-04 20h00 +00:00 The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.
4.3
CVE-2009-2703 2009-09-08 16h00 +00:00 libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
5
CVE-2009-3083 2009-09-08 16h00 +00:00 The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
5
CVE-2009-3085 2009-09-08 16h00 +00:00 The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images.
5