Exploit the possiblities
Showing 1 - 6 of 6 RSS Feed

CVE-2012-3374

Status Candidate

Overview

Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.

Related Files

Gentoo Linux Security Advisory 201209-17
Posted Sep 27, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-17 - A buffer overflow in Pidgin might allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 2.10.6 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-3374
MD5 | bbcc34ebfa5ecdcd40ad7aaec439a523
Red Hat Security Advisory 2012-1102-01
Posted Jul 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1102-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sending a specially-crafted MSN message. An input validation flaw was found in the way the Pidgin MSN protocol plug-in handled MSN notification messages. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially-crafted MSN notification message.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2012-1178, CVE-2012-2318, CVE-2012-3374
MD5 | 96b92134be208d88462c88df963d598e
Slackware Security Advisory - Pidgin Updates
Posted Jul 17, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-3374
MD5 | 56e775fdaeaabb72489157d11b690310
Mandriva Linux Security Advisory 2012-105
Posted Jul 13, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-105 - Incorrect handing of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code. This update provides pidgin 2.10.6, which is not vulnerable to this issue.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-3374
MD5 | d3b2bc179baaaec794ff0b4e64e89c29
Ubuntu Security Notice USN-1500-1
Posted Jul 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1500-1 - Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Thijs Alkemade discovered that Pidgin incorrectly handled malformed voice and video chat requests in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2011-4601, CVE-2011-4602, CVE-2011-4603, CVE-2011-4922, CVE-2011-4939, CVE-2012-1178, CVE-2012-2214, CVE-2012-2318, CVE-2012-3374, CVE-2011-4601, CVE-2011-4602, CVE-2011-4603, CVE-2011-4922, CVE-2011-4939, CVE-2012-1178, CVE-2012-2214, CVE-2012-2318, CVE-2012-3374
MD5 | 422fcc2933191191cceade8eaab9a688
Debian Security Advisory 2509-1
Posted Jul 9, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2509-1 - Ulf Harnhammar found a buffer overflow in Pidgin, a multi protocol instant messaging client. The vulnerability can be exploited by an incoming message in the MXit protocol plugin. A remote attacker may cause a crash, and in some circumstances can lead to remote code execution.

tags | advisory, remote, overflow, code execution, protocol
systems | linux, debian
advisories | CVE-2012-3374
MD5 | 115936ee5b8ee3811dfb2899a15d662b
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    11 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close