CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
94.8%
Marius Wachtler discovered that Pidgin incorrectly handled malformed YMSG
messages in the Yahoo! protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. This issue only affected Ubuntu 10.04 LTS and 10.10.
(CVE-2011-1091)
Marius Wachtler discovered that Pidgin incorrectly handled HTTP 100
responses in the MSN protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. (CVE-2011-3184)
Diego Bauche Madero discovered that Pidgin incorrectly handled UTF-8
sequences in the SILC protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. (CVE-2011-3594)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.04 | noarch | pidgin | < 1:2.7.11-1ubuntu2.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | finch | < 1:2.7.11-1ubuntu2.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | libpurple0 | < 1:2.7.11-1ubuntu2.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | pidgin-dbg | < 1:2.7.11-1ubuntu2.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | pidgin | < 1:2.7.3-1ubuntu3.3 | UNKNOWN |
Ubuntu | 10.10 | noarch | finch | < 1:2.7.3-1ubuntu3.3 | UNKNOWN |
Ubuntu | 10.10 | noarch | libpurple0 | < 1:2.7.3-1ubuntu3.3 | UNKNOWN |
Ubuntu | 10.10 | noarch | pidgin-dbg | < 1:2.7.3-1ubuntu3.3 | UNKNOWN |
Ubuntu | 10.04 | noarch | pidgin | < 1:2.6.6-1ubuntu4.4 | UNKNOWN |
Ubuntu | 10.04 | noarch | finch | < 1:2.6.6-1ubuntu4.4 | UNKNOWN |