Published: 08/08/2012 Updated: 19/09/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

cipher.c in the Cipher API in libpurple in Pidgin prior to 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pidgin pidgin 2.7.6
pidgin pidgin 2.7.5
pidgin pidgin 2.6.5
pidgin pidgin 2.6.4
pidgin pidgin 2.5.5
pidgin pidgin 2.5.3
pidgin pidgin 2.4.0
pidgin pidgin 2.4.2
pidgin pidgin 2.1.1
pidgin pidgin 2.10.4
pidgin pidgin
pidgin pidgin 2.7.2
pidgin pidgin 2.7.1
pidgin pidgin 2.7.4
pidgin pidgin 2.7.3
pidgin pidgin 2.6.1
pidgin pidgin 2.6.2
pidgin pidgin 2.5.0
pidgin pidgin 2.5.1
pidgin pidgin 2.3.1
pidgin pidgin 2.3.0
pidgin pidgin 2.10.0
pidgin pidgin 2.10.1
pidgin pidgin 2.10.2
pidgin pidgin 2.7.8
pidgin pidgin 2.7.7
pidgin pidgin 2.7.0
pidgin pidgin 2.6.6
pidgin pidgin 2.5.4
pidgin pidgin 2.5.2
pidgin pidgin 2.4.3
pidgin pidgin 2.4.1
pidgin pidgin 2.2.2
pidgin pidgin 2.10.3
pidgin pidgin 2.0.2
pidgin pidgin 2.0.0
pidgin pidgin 2.6.0
pidgin pidgin 2.5.9
pidgin pidgin 2.5.8
pidgin pidgin 2.5.6
pidgin pidgin 2.5.7
pidgin pidgin 2.2.0
pidgin pidgin 2.2.1
pidgin pidgin 2.1.0
pidgin pidgin 2.0.1

Several security issues were fixed in Pidgin ...

CWE-200 http://hg.pidgin.im/pidgin/main/rev/8c850977cb42 http://openwall.com/lists/oss-security/2012/01/04/13 http://www.pidgin.im/news/security/?id=50 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18223 https://usn.ubuntu.com/1500-1/https://nvd.nist.gov

CVE-2011-4922

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect