Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-4922
HistoryJan 04, 2012 - 12:00 a.m.

CVE-2011-4922

2012-01-0400:00:00
ubuntu.com
ubuntu.com
15

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS

0

Percentile

5.1%

JSON

cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains
encryption-key data in process memory, which might allow local users to
obtain sensitive information by reading a core file or other representation
of memory contents.
It was discovered that libpurple versions prior to 2.7.10 do not properly
clear certain data structures used in libpurple/cipher.c prior to freeing. An
attacker could potentially extract partial information from memory regions
freed by libpurple.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchpidgin< 1:2.6.6-1ubuntu4.5UNKNOWN

Related

debiancve 1
cve 1
prion 1
openvas 5
nessus 6
cvelist 1
nvd 1
redhat 1
oraclelinux 1
ubuntu 1
debiancve
debiancve
CVE-2011-4922
2012-08-08 10:26:18
cve
cve
CVE-2011-4922
2012-08-08 10:26:18
prion
prion
Design/Logic Flaw
2012-08-08 10:26:00
openvas
openvas
Pidgin 'Libpurple' Cipher API Information Disclosure Vulnerability - Windows
2012-08-17 00:00:00
Pidgin 'Libpurple' Cipher API Information Disclosure Vulnerability (Windows)
2012-08-17 00:00:00
Oracle: Security Advisory (ELSA-2011-0616)
2015-10-06 00:00:00
nessus
nessus
Pidgin < 2.7.10 Information Disclosure
2011-02-21 00:00:00
RHEL 6 : pidgin (RHSA-2011:0616)
2011-05-20 00:00:00
Oracle Linux 6 : pidgin (ELSA-2011-0616)
2023-09-07 00:00:00
cvelist
cvelist
CVE-2011-4922
2012-08-08 10:00:00
nvd
nvd
CVE-2011-4922
2012-08-08 10:26:18
redhat
redhat
(RHSA-2011:0616) Low: pidgin security and bug fix update
2011-05-19 00:00:00
oraclelinux
oraclelinux
pidgin security and bug fix update
2011-05-28 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2012-07-09 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS

0

Percentile

5.1%

JSON
Related for UB:CVE-2011-4922
debiancve1cve1prion1openvas5nessus6cvelist1nvd1redhat1oraclelinux1ubuntu1