Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin libpurple vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3026
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without...
Pidgin Pidgin 2.6.0
NA
CVE-2009-2694
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) prior to 2.5.9 and Adium 1.3.5 and previous versions, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption ...
Adium Adium 1.3.4
Pidgin Pidgin 2.1.0
Adium Adium 1.2.7
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.0.0
Adium Adium 1.3.3
Adium Adium
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin
1 EDB exploit
NA
CVE-2009-1376
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) prior to 2.5.6 on 32-bit platforms allow remote malicious users to execut...
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.4.1
1 EDB exploit
NA
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote malicious users to trick a user into accepting an invalid server certificate for a spoofed service.
Pidgin Pidgin 2.4.3
NA
CVE-2008-2927
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin prior to 2.4.3 and Adium prior to 1.3 allow remote malicious users to execute arbitrary c...
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.2.0
Pidgin Pidgin
Pidgin Pidgin 2.2.1
Adium Adium 1.0.2
Adium Adium 1.1
Adium Adium 1.0.1
Adium Adium 1.0.5
Adium Adium 1.1.2
Adium Adium 1.1.3
Adium Adium 1.1.4
Adium Adium 1.0.4
Adium Adium
NA
CVE-2007-4999
libpurple in Pidgin 2.1.0 up to and including 2.2.1, when using HTML logging, allows remote malicious users to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996.
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.2.1
NA
CVE-2007-4996
libpurple in Pidgin prior to 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote malicious users to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory...
Pidgin Pidgin 2.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4