Lucene search
Ubuntu.comUB:CVE-2012-2369HistoryMay 23, 2012 - 12:00 a.m.
CVE-2012-2369
2012-05-2300:00:00
ubuntu.com
ubuntu.com
12
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.055
Percentile
93.2%
Format string vulnerability in the log_message_cb function in otr-plugin.c
in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for
Pidgin might allow remote attackers to execute arbitrary code via format
string specifiers in data that generates a log message.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673154>
- <https://bugs.launchpad.net/ubuntu/+source/pidgin-otr/+bug/1000363>
Notes
| Author | Note |
|---|---|
| sbeattie | should be mitigated by -D_FORTIFY_SOURCE=2 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | pidgin-otr | < 3.2.0-5ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | pidgin-otr | < 3.2.0-5ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | pidgin-otr | < 3.2.0-5ubuntu0.11.14.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | pidgin-otr | < 3.2.0-5ubuntu0.12.04.1 | UNKNOWN |
Related
nessus
nessus
SuSE 11.1 Security Update : pidgin-otr (SAT Patch Number 6380)
2013-01-25 00:00:00
FreeBSD : pidgin-otr -- format string vulnerability (aa71daaa-9f8c-11e1-bd0a-0082a0c18826)
2012-05-17 00:00:00
Debian DSA-2476-1 : pidgin-otr - format string vulnerability
2012-05-22 00:00:00
freebsd
freebsd
pidgin-otr -- format string vulnerability
2012-05-16 00:00:00
openvas
openvas
Fedora Update for pidgin-otr FEDORA-2012-7948
2012-08-30 00:00:00
FreeBSD Ports: pidgin-otr
2012-05-31 00:00:00
Debian: Security Advisory (DSA-2476-1)
2012-05-31 00:00:00
gentoo
gentoo
pidgin-otr: Arbitrary code execution
2012-07-09 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2476-1] pidgin-otr security update
2012-05-24 00:00:00
Pidgin otr plugin format string vulnerability
2012-05-24 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: pidgin-otr-3.2.1-1.fc17
2012-05-26 07:23:19
[SECURITY] Fedora 16 Update: pidgin-otr-3.2.1-1.fc16
2012-05-18 10:36:53
debian
debian
[SECURITY] [DSA 2476-1] pidgin-otr security update
2012-05-19 19:30:04
suse
suse
Security update for pidgin-otr (important)
2012-06-06 03:08:27
cvelist
cvelist
CVE-2012-2369
2012-05-23 20:00:00
debiancve
debiancve
CVE-2012-2369
2012-05-23 20:55:01
nvd
nvd
CVE-2012-2369
2012-05-23 20:55:01
prion
prion
Format string
2012-05-23 20:55:00
cve
cve
CVE-2012-2369
2012-05-23 20:55:01
osv
osv
pidgin-otr-4.0.2-1.5 on GA media
2024-06-15 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.055
Percentile
93.2%
Related for UB:CVE-2012-2369