Showing 1 - 5 of 5

CVE-2017-2640

Status Candidate

Overview

An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.

Related Files

Red Hat Security Advisory 2017-1854-01: Posted Aug 2, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-1854-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The following packages have been upgraded to a later upstream version: pidgin. Security Fix: A denial of service flaw was found in the way Pidgin's Mxit plug-in handled emoticons. A malicious remote server or a man-in-the-middle attacker could potentially use this flaw to crash Pidgin by sending a specially crafted emoticon.; tags | advisory, remote, denial of service; systems | linux, redhat; advisories | CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698, CVE-2017-2640; SHA-256 | 8025ad83e85f7711d5359c27763a16556d76510821e47dc5d645d2f65d5b42ab; Download | Favorite | View

Gentoo Linux Security Advisory 201706-10: Posted Jun 6, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201706-10 - A vulnerability in Pidgin might allow remote attackers to execute arbitrary code. Versions less than 2.12.0 are affected.; tags | advisory, remote, arbitrary; systems | linux, gentoo; advisories | CVE-2017-2640; SHA-256 | 2c655b3781df10956ba163b40a64abf56144f6f98cce7d5799a2d5c09004d173; Download | Favorite | View

Adium 1.5.10.2 libpurple Code Execution: Posted Mar 21, 2017; Authored by Eryt; Adium version 1.5.10.2 includes a vulnerable version of libpurple that permits for arbitrary code execution on the client.; tags | advisory, arbitrary, code execution; advisories | CVE-2017-2640; SHA-256 | ecda5b423632c41687024c6a3f6d0c1f5e08a999e78e7e3f2993c4210cff312b; Download | Favorite | View

Slackware Security Advisory - pidgin Updates: Posted Mar 16, 2017; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.; tags | advisory; systems | linux, slackware; advisories | CVE-2017-2640; SHA-256 | 28ab51f1bbc6ebcee4b3ebc5e26e510679e1692947b5f29bb49d591d536e4f4d; Download | Favorite | View

Ubuntu Security Notice USN-3231-1: Posted Mar 14, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3231-1 - Joseph Bisch discovered that Pidgin incorrectly handled certain xml messages. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2017-2640; SHA-256 | 3430ac97a55a07d89fc7b0c1fef7489e061ec02f763ebc35af16e51616b1cb22; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 89 files
Gentoo 31 files
Debian 22 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,079)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,380)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,289)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,663)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

CVE-2017-2640

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems