CVE-2008-2927
Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
Public Exploits: 0
Exploited in Wild: -
Descriptions
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of messaging applications that make use of the libpurple library. User interaction is not required to exploit this vulnerability.
The specific flaw exists in the implementation of the MSN protocol, specifically the handling of SLP messages. The function msn_slplink_process_msg() fails to properly validate an offset value specified in the SLP packet. By providing a specific value, an attacker can overflow a heap buffer resulting in arbitrary code execution.
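The class of flaw described above, shown as an added illustration (this is not libpurple's code and does not come from this page): a bounds check that adds an attacker-supplied offset to a length can wrap around and pass, while a subtraction-based check cannot. The `struct reasm` buffer, the function names and the sample values are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical reassembly buffer for a multi-part message (not libpurple's type). */
struct reasm {
    uint8_t *buf;
    uint32_t size;   /* total size allocated for the reassembled message */
};

/* Flawed check: offset + len is reduced modulo 2^32 and can wrap to a small value. */
static bool chunk_fits_naive(const struct reasm *r, uint32_t offset, uint32_t len)
{
    return (uint32_t)(offset + len) <= r->size;
}

/* Hardened check: no addition, so nothing can wrap. */
static bool chunk_fits_checked(const struct reasm *r, uint32_t offset, uint32_t len)
{
    return offset <= r->size && len <= r->size - offset;
}

/* Copy a chunk only if it lies inside the buffer. Returns 0 on success, -1 if rejected. */
static int reasm_store(struct reasm *r, uint32_t offset, const uint8_t *data, uint32_t len)
{
    if (r->buf == NULL || data == NULL || !chunk_fits_checked(r, offset, len))
        return -1;
    memcpy(r->buf + offset, data, len);
    return 0;
}

int main(void)
{
    uint8_t storage[64] = {0};   /* constructed sample buffer */
    uint8_t chunk[32] = {0};     /* constructed sample chunk */
    struct reasm r = { storage, sizeof storage };

    /* Constructed header values: 0xFFFFFFF0 + 0x20 wraps to 0x10 in 32 bits. */
    uint32_t offset = 0xFFFFFFF0u, len = 0x20u;

    printf("naive check accepts:   %d\n", chunk_fits_naive(&r, offset, len));
    printf("checked test accepts:  %d\n", chunk_fits_checked(&r, offset, len));
    printf("store out-of-range:    %d\n", reasm_store(&r, offset, chunk, len));
    printf("store in-range chunk:  %d\n", reasm_store(&r, 16, chunk, 32));
    return 0;
}
```

When auditing similar parsers, look for length or offset fields taken from the wire that are added together before being compared against an allocation size.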
Timeline
- 2008-06-30 CVE Reserved
- 2008-07-07 CVE Published
- 2024-07-13 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
- CWE-190: Integer Overflow or Wraparound
References (32)
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/30971 | 2023-02-13 | |
http://secunia.com/advisories/31016 | 2023-02-13 | |
http://secunia.com/advisories/31105 | 2023-02-13 | |
http://secunia.com/advisories/31387 | 2023-02-13 | |
http://secunia.com/advisories/31642 | 2023-02-13 | |
http://www.debian.org/security/2008/dsa-1610 | 2023-02-13 | |
http://www.mandriva.com/security/advisories?name=MDVSA-2008:143 | 2023-02-13 | |
http://www.mandriva.com/security/advisories?name=MDVSA-2009:127 | 2023-02-13 | |
http://www.redhat.com/support/errata/RHSA-2008-0584.html | 2023-02-13 | |
http://www.ubuntu.com/usn/USN-675-1 | 2023-02-13 | |
http://www.ubuntu.com/usn/USN-675-2 | 2023-02-13 | |
http://www.vupen.com/english/advisories/2008/2032/references | 2023-02-13 | |
https://bugzilla.redhat.com/show_bug.cgi?id=453764 | 2008-07-09 | |
https://access.redhat.com/security/cve/CVE-2008-2927 | 2008-07-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Pidgin | Pidgin | <= 2.4.2 | - | Affected |
Pidgin | Pidgin | 2.0.0 | - | Affected |
Pidgin | Pidgin | 2.0.1 | - | Affected |
Pidgin | Pidgin | 2.0.2 | - | Affected |
Pidgin | Pidgin | 2.1.0 | - | Affected |
Pidgin | Pidgin | 2.1.1 | - | Affected |
Pidgin | Pidgin | 2.2.0 | - | Affected |
Pidgin | Pidgin | 2.2.1 | - | Affected |
Pidgin | Pidgin | 2.2.2 | - | Affected |
Pidgin | Pidgin | 2.3.0 | - | Affected |
Pidgin | Pidgin | 2.3.1 | - | Affected |
Pidgin | Pidgin | 2.4.0 | - | Affected |
Pidgin | Pidgin | 2.4.1 | - | Affected |
Adium | Adium | <= 1.2.7 | - | Affected |
Adium | Adium | 1.0 | - | Affected |
Adium | Adium | 1.0.1 | - | Affected |
Adium | Adium | 1.0.2 | - | Affected |
Adium | Adium | 1.0.3 | - | Affected |
Adium | Adium | 1.0.4 | - | Affected |
Adium | Adium | 1.0.5 | - | Affected |
Adium | Adium | 1.1 | - | Affected |
Adium | Adium | 1.1.1 | - | Affected |
Adium | Adium | 1.1.2 | - | Affected |
Adium | Adium | 1.1.3 | - | Affected |
Adium | Adium | 1.1.4 | - | Affected |