Page 2 of 7 results (0.012 seconds)

CVSS: 5.0EPSS: 4%CPEs: 37EXPL: 0

The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client. La función msn_slp_sip_recv de libpurple/protocols/msn/slp.c en el "plugin" (complemento) del protocolo MSN de libpurple de Pidgin en sus versiones anteriores a la v2.6.2 permite a atacantes remotos provocar una denegación de servicio (resolución de una referencia a puntero NULL y caída de la aplicación) a través de un mensaje SLP invite que carece de determinados campos obligatorios, tal como se ha demostrado con un mensaje mal formado desde un cliente KMess. • http://developer.pidgin.im/ticket/10159 http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd http://secunia.com/advisories/36601 http://www.pidgin.im/news/security/index.php?id=39 http://www.securityfocus.com/bid/36277 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852 https://oval.cisec • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •

CVSS: 5.0EPSS: 0%CPEs: 37EXPL: 0

libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string. libpurple/protocols/irc/msgs.c en el complemento (plugin) de protocolo IRC de libpurple en Pidgin v2.6.2 permite causar a servidores IRC remotos para una denegación de servicio (mediante una desreferencia a puntero NULL y caida de la aplicación) a través de un mensaje TOPIC que carece de una cadena de asunto. • http://developer.pidgin.im/viewmtn/revision/info/ad2c6ee53ec9122b25aeb1f918db53be69bdeac3 http://secunia.com/advisories/36601 http://www.pidgin.im/news/security/index.php?id=40 http://www.securityfocus.com/bid/36277 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11379 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6435 https://access.redhat.com/security/cve/CVE-2009-2703 https://bugzilla.redhat.com/show_bug.cgi?id=521823 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •