Published: 16/02/2013 Updated: 19/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 might allow remote malicious users to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pidgin pidgin 2.10.5
pidgin pidgin 2.10.3
pidgin pidgin 2.7.11
pidgin pidgin 2.7.1
pidgin pidgin 2.7.9
pidgin pidgin 2.7.7
pidgin pidgin 2.7.4
pidgin pidgin 2.6.0
pidgin pidgin 2.5.9
pidgin pidgin 2.5.1
pidgin pidgin
pidgin pidgin 2.9.0
pidgin pidgin 2.8.0
pidgin pidgin 2.7.6
pidgin pidgin 2.7.10
pidgin pidgin 2.6.1
pidgin pidgin 2.6.2
pidgin pidgin 2.5.3
pidgin pidgin 2.5.0
pidgin pidgin 2.4.2
pidgin pidgin 2.3.1
pidgin pidgin 2.3.0
pidgin pidgin 2.0.2
pidgin pidgin 2.0.0
pidgin pidgin 2.10.4
pidgin pidgin 2.10.0
pidgin pidgin 2.7.8
pidgin pidgin 2.7.2
pidgin pidgin 2.7.5
pidgin pidgin 2.6.6
pidgin pidgin 2.5.8
pidgin pidgin 2.5.4
pidgin pidgin 2.5.7
pidgin pidgin 2.4.3
pidgin pidgin 2.2.2
pidgin pidgin 2.1.1
pidgin pidgin 2.5.6
pidgin pidgin 2.2.0
pidgin pidgin 2.2.1
pidgin pidgin 2.10.1
pidgin pidgin 2.10.2
pidgin pidgin 2.7.0
pidgin pidgin 2.7.3
pidgin pidgin 2.6.5
pidgin pidgin 2.6.4
pidgin pidgin 2.5.2
pidgin pidgin 2.5.5
pidgin pidgin 2.4.1
pidgin pidgin 2.4.0
pidgin pidgin 2.1.0
pidgin pidgin 2.0.1

Several security issues were fixed in Pidgin ...

NVD-CWE-noinfo http://hg.pidgin.im/pidgin/main/rev/a8aef1d340f2 http://www.pidgin.im/news/security/?id=65 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00003.html http://www.ubuntu.com/usn/USN-1746-1 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00006.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18386 https://usn.ubuntu.com/1746-1/https://nvd.nist.gov

CVE-2013-0271

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect