7.5
CVSSv2

CVE-2012-3374

Published: 07/07/2012 Updated: 01/12/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin prior to 2.10.5 allows remote malicious users to execute arbitrary code via a crafted inline image in a message.

Vulnerable Product Search on Vulmon Subscribe to Product

pidgin pidgin 2.0.0

pidgin pidgin 2.0.1

pidgin pidgin 2.0.2

pidgin pidgin 2.1.0

pidgin pidgin 2.1.1

pidgin pidgin 2.2.0

pidgin pidgin 2.2.1

pidgin pidgin 2.2.2

pidgin pidgin 2.3.0

pidgin pidgin 2.3.1

pidgin pidgin 2.4.0

pidgin pidgin 2.4.1

pidgin pidgin 2.4.2

pidgin pidgin 2.4.3

pidgin pidgin 2.5.0

pidgin pidgin 2.5.1

pidgin pidgin 2.5.2

pidgin pidgin 2.5.3

pidgin pidgin 2.5.4

pidgin pidgin 2.5.5

pidgin pidgin 2.5.6

pidgin pidgin 2.5.7

pidgin pidgin 2.5.8

pidgin pidgin 2.5.9

pidgin pidgin 2.6.0

pidgin pidgin 2.6.1

pidgin pidgin 2.6.2

pidgin pidgin 2.6.4

pidgin pidgin 2.6.5

pidgin pidgin 2.6.6

pidgin pidgin 2.7.0

pidgin pidgin 2.7.1

pidgin pidgin 2.7.2

pidgin pidgin 2.7.3

pidgin pidgin 2.7.4

pidgin pidgin 2.7.5

pidgin pidgin 2.7.6

pidgin pidgin 2.7.7

pidgin pidgin 2.7.8

pidgin pidgin 2.7.9

pidgin pidgin 2.7.10

pidgin pidgin 2.7.11

pidgin pidgin 2.8.0

pidgin pidgin 2.9.0

pidgin pidgin 2.10.0

pidgin pidgin 2.10.1

pidgin pidgin 2.10.2

pidgin pidgin 2.10.3

pidgin pidgin

Vendor Advisories

Synopsis Moderate: pidgin security update Type/Severity Security Advisory: Moderate Topic Updated pidgin packages that fix three security issues are now availablefor Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerabil ...
Debian Bug report logs - #680661 pidgin: CVE-2012-3374: Buffer overflow in markupc in the MXit protocol plugin in libpurple in Pidgin before 2105 Package: pidgin; Maintainer for pidgin is Ari Pollak <ari@debianorg>; Source for pidgin is src:pidgin (PTS, buildd, popcon) Reported by: Henri Salo <henri@nervfi> Date ...
Ulf Härnhammar found a buffer overflow in Pidgin, a multi protocol instant messaging client The vulnerability can be exploited by an incoming message in the MXit protocol plugin A remote attacker may cause a crash, and in some circumstances can lead to remote code execution For the stable distribution (squeeze), this problem has been fixed in v ...
Several security issues were fixed in Pidgin ...