
Test ID: 1.3.6.1.4.1.25623.1.0.802331
Category: Denial of Service
Title: Pidgin Libpurple Protocol Plugins Denial of Service Vulnerabilities - Windows
Summary: Pidgin is prone to denial of service vulnerabilities.
Description:
Summary:
Pidgin is prone to denial of service vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error in the IRC protocol plugin in libpurple when handling WHO
responses with special characters in the nicknames.

- An error in the MSN protocol plugin when handling HTTP 100 responses.

- Improper handling of file:// URIs, which allows a file to be executed when
the user clicks on a file:// URI in a received IM.

Vulnerability Impact:
Successful exploitation allows remote attackers to execute arbitrary code,
obtain sensitive information or cause a denial of service.

Affected Software/OS:
Pidgin versions prior to 2.10.0

Solution:
Upgrade to Pidgin version 2.10.0 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2011-2943
1025961
http://securitytracker.com/id?1025961
45663
http://secunia.com/advisories/45663
45916
http://secunia.com/advisories/45916
49268
http://www.securityfocus.com/bid/49268
[oss-security] 20110820 CVE request: Pidgin crash
http://www.openwall.com/lists/oss-security/2011/08/20/2
[oss-security] 20110822 Re: CVE request: Pidgin crash
http://www.openwall.com/lists/oss-security/2011/08/22/2
http://developer.pidgin.im/viewmtn/revision/diff/5749f9193063800d27bef75c2388f6f9cc2f7f37/with/5c2dba4a7e2e76b76e7f472b88953a4316706d43/libpurple/protocols/irc/msgs.c
http://developer.pidgin.im/viewmtn/revision/info/5c2dba4a7e2e76b76e7f472b88953a4316706d43
http://pidgin.im/news/security/?id=53
https://bugzilla.redhat.com/show_bug.cgi?id=722939
oval:org.mitre.oval:def:18005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18005
pidgin-irc-protocol-dos(69340)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69340
Common Vulnerability Exposure (CVE) ID: CVE-2011-3184
FEDORA-2011-11544
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064943.html
FEDORA-2011-11595
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065190.html
http://www.openwall.com/lists/oss-security/2011/08/22/10
http://www.openwall.com/lists/oss-security/2011/08/22/12
http://www.openwall.com/lists/oss-security/2011/08/22/4
http://www.openwall.com/lists/oss-security/2011/08/22/7
http://developer.pidgin.im/viewmtn/revision/diff/5c2dba4a7e2e76b76e7f472b88953a4316706d43/with/16af0661899a978b4fedc1c165965b85009013d1/libpurple/protocols/msn/httpconn.c
http://developer.pidgin.im/viewmtn/revision/info/16af0661899a978b4fedc1c165965b85009013d1
http://pidgin.im/news/security/?id=54
https://bugzilla.redhat.com/show_bug.cgi?id=732405
oval:org.mitre.oval:def:18284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18284
pidgin-msn-protocol-dos(69341)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69341
Common Vulnerability Exposure (CVE) ID: CVE-2011-3185
BugTraq ID: 49268
Bugtraq: 20110822 Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution (Google Search)
http://www.securityfocus.com/archive/1/519391/100/0/threaded
http://www.insomniasec.com/advisories/ISVA-110822.1.htm
http://www.openwall.com/lists/oss-security/2011/08/22/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18324
XForce ISS Database: pidgin-uri-code-execution(69342)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69342
Copyright: Copyright (C) 2011 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.