Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-0013
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to ...
Adium Adium 1.3.8
Pidgin Pidgin 2.6.4
Fedoraproject Fedora 11
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
Opensuse Opensuse
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
1 EDB exploit
5
CVSSv2
CVE-2009-3615
The OSCAR protocol plugin in libpurple in Pidgin prior to 2.6.3 and Adium prior to 1.3.7 allows remote malicious users to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
Adium Adium 1.3.3
Adium Adium 1.3.4
Adium Adium 1.0.3
Adium Adium 1.3
Adium Adium 1.1.3
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.0.0
Adium Adium 1.3.5
Adium Adium 1.0
Adium Adium 1.0.4
Adium Adium 1.1
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.2.1
5
CVSSv2
CVE-2009-2703
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin prior to 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
Pidgin Libpurple
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.3
5
CVSSv2
CVE-2009-3083
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.6.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain...
Pidgin Libpurple
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.1.1
5
CVSSv2
CVE-2009-3084
The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin prior to 2.6.2, allows remote malicious users to cause a denial of service (application crash) via a handwritten (aka Ink) message, rel...
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.5.6
5
CVSSv2
CVE-2009-3085
The XMPP protocol plugin in libpurple in Pidgin prior to 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote malicious users to cause a denial of service (application crash) via XHTML-IM content with cid: images.
Pidgin Libpurple
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.2.1
Pidgin Pidgin
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
5
CVSSv2
CVE-2009-3026
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without...
Pidgin Pidgin 2.6.0
5
CVSSv2
CVE-2009-1889
The OSCAR protocol implementation in Pidgin prior to 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote malicious users to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a lar...
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin
5
CVSSv2
CVE-2009-1374
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) prior to 2.5.6 allows remote malicious users to cause a denial of service (application crash) via a QQ packet.
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.0
5
CVSSv2
CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) prior to 2.5.6 does not properly maintain a certain buffer, which allows remote malicious users to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime ...
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin
Pidgin Pidgin 2.5.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »