upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.
Max CVSS
2.9
EPSS Score
2.00%
Published
2013-02-16
Updated
2017-09-19
sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.
Max CVSS
5.0
EPSS Score
0.52%
Published
2013-02-16
Updated
2017-09-19
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.
Max CVSS
6.8
EPSS Score
1.47%
Published
2013-02-16
Updated
2017-09-19
The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
Max CVSS
5.0
EPSS Score
0.64%
Published
2013-02-16
Updated
2017-09-19
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!