CVSS: 7.5EPSS: 4%CPEs: 21EXPL: 0CVE-2009-1374 – pidgin DoS when decrypting qq packets
https://notcve.org/view.php?id=CVE-2009-1374
26 May 2009 — Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet. Desbordamiento de búfer en la función decrypt_out en Pidgin anteriores a v2.5.6 permite a atacantes remotos producir una denegación de servicio (caída de aplicación)a través de un paquete QQ. • http://secunia.com/advisories/35188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 21EXPL: 0CVE-2009-1375 – pidgin PurpleCircBuffer corruption
https://notcve.org/view.php?id=CVE-2009-1375
26 May 2009 — The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol. La implementación PurpleCircBuffer en Pidgin anteriores a v2.5.6 no mantienen de forma adecuada cierto búfer, lo que permite a atacantes remotos producir una denegación de servicio (corrupción de memoria y caída de aplicación) a t... • http://debian.org/security/2009/dsa-1805 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 24%CPEs: 9EXPL: 1CVE-2009-1376 – Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-1376
26 May 2009 — Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927. Múltiples desbordamientos de entero en las funciones msn_slplink_... • https://www.exploit-db.com/exploits/9615 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 6%CPEs: 25EXPL: 0CVE-2008-2927 – Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-2927
07 Jul 2008 — Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955. Múltiples desbordamiento de enteros en las funciones msn_slplink_process_msg en el manejador de protocolo MSN en los archivos (1) libpu... • http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3841
https://notcve.org/view.php?id=CVE-2007-3841
17 Jul 2007 — Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. Vulnerabilida no especifi... • http://www.securityfocus.com/bid/24904 •