Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin libpurple vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2012-1257
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Pidgin Pidgin 2.10.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-2640
An out-of-bounds write flaw was found in the way Pidgin prior to 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
Pidgin Pidgin
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
NA
CVE-2013-0273
sametime.c in the Sametime protocol plugin in libpurple in Pidgin prior to 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
NA
CVE-2013-0271
The MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 might allow remote malicious users to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
NA
CVE-2013-0274
upnp.c in libpurple in Pidgin prior to 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote malicious users to cause a denial of service (application crash) by leveraging access to the local network.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
NA
CVE-2013-0272
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
NA
CVE-2011-4922
cipher.c in the Cipher API in libpurple in Pidgin prior to 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.2.2
NA
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin prior to 2.10.5 allows remote malicious users to execute arbitrary code via a crafted inline image in a message.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.5.5
NA
CVE-2012-2318
msg.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.5.5
NA
CVE-2012-2214
proxy.c in libpurple in Pidgin prior to 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »