Lucene search
UbuntuUSN-675-2HistoryNov 24, 2008 - 12:00 a.m.
Gaim vulnerability
2008-11-2400:00:00
ubuntu.com
48
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.115
Percentile
95.3%
Releases
- Ubuntu 6.06
Packages
- gaim -
Details
It was discovered that Gaim did not properly handle certain malformed
messages in the MSN protocol handler. A remote attacker could send a specially
crafted message and possibly execute arbitrary code with user privileges.
(CVE-2008-2927)
References
Related
openvas
openvas
Ubuntu Update for gaim vulnerability USN-675-2
2009-03-23 00:00:00
RedHat Update for pidgin RHSA-2008:0584-01
2009-03-06 00:00:00
Mandrake Security Advisory MDVSA-2009:127 (gaim)
2009-06-05 00:00:00
nessus
nessus
RHEL 3 / 4 / 5 : pidgin (RHSA-2008:0584)
2008-07-10 00:00:00
Oracle Linux 3 / 4 : pidgin (ELSA-2008-0584)
2013-07-12 00:00:00
CentOS 3 / 4 / 5 : pidgin (CESA-2008:0584)
2008-07-10 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:25:52
debian
debian
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code
2008-07-15 17:46:45
[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution
2009-08-19 22:29:43
[SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities
2009-05-22 20:04:08
checkpoint_advisories
checkpoint_advisories
Pidgin MSN MSNP2P Message Integer Overflow (CVE-2008-2927)
2009-12-21 00:00:00
securityvulns
securityvulns
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
2008-09-01 00:00:00
libpurple / Pidgin buffer overflow
2009-06-09 00:00:00
zdi
zdi
oraclelinux
oraclelinux
pidgin security and bug fix update
2008-07-09 00:00:00
redhat
redhat
(RHSA-2008:0584) Important: pidgin security and bug fix update
2008-07-09 00:00:00
centos
centos
finch, libpurple, pidgin security update
2008-07-09 10:20:19
osv
osv
gaim - execution of arbitrary code
2008-07-15 00:00:00
pidgin - insufficient input sanitization
2009-08-19 00:00:00
pidgin - several vulnerabilities
2009-05-22 00:00:00
prion
prion
Integer overflow
2009-05-26 15:30:00
Integer overflow
2008-07-07 23:41:00
debiancve
debiancve
CVE-2008-2927
2008-07-07 23:41:00
CVE-2009-1376
2009-05-26 15:30:05
cvelist
cvelist
CVE-2008-2927
2008-07-07 23:00:00
CVE-2009-1376
2009-05-26 15:16:00
cve
cve
CVE-2009-1376
2009-05-26 15:30:05
CVE-2008-2927
2008-07-07 23:41:00
ubuntucve
ubuntucve
CVE-2009-1376
2009-05-26 00:00:00
CVE-2008-2927
2008-07-07 00:00:00
nvd
nvd
CVE-2008-2927
2008-07-07 23:41:00
CVE-2009-1376
2009-05-26 15:30:05
coresecurity
coresecurity
Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
2009-08-18 00:00:00
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2009-01-20 00:00:00
Pidgin: Multiple vulnerabilities
2009-05-25 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2008-11-24 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: pidgin-2.5.6-1.fc9
2009-06-02 14:26:30
[SECURITY] Fedora 11 Update: pidgin-2.5.6-1.fc11
2009-06-02 14:28:31
[SECURITY] Fedora 10 Update: pidgin-2.5.6-1.fc10
2009-06-02 14:33:34
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.115
Percentile
95.3%
Related for USN-675-2