Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-1091

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-14 Mar, 2011 | 19:00
Updated At-06 Aug, 2024 | 22:14
Rejected At-
Credits

libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:14 Mar, 2011 | 19:00
Updated At:06 Aug, 2024 | 22:14
Rejected At:
▼CVE Numbering Authority (CNA)

libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0661
vdb-entry
x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2011-0616.html
vendor-advisory
x_refsource_REDHAT
https://hermes.opensuse.org/messages/13195955
vendor-advisory
x_refsource_SUSE
http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c
x_refsource_CONFIRM
http://www.pidgin.im/news/security/?id=51
x_refsource_CONFIRM
http://www.securityfocus.com/bid/46837
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=683031
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2011/0703
vdb-entry
x_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/43721
third-party-advisory
x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884
vendor-advisory
x_refsource_SLACKWARE
https://exchange.xforce.ibmcloud.com/vulnerabilities/66055
vdb-entry
x_refsource_XF
http://secunia.com/advisories/46376
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/43695
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-1371.html
vendor-advisory
x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402
vdb-entry
signature
x_refsource_OVAL
http://www.vupen.com/english/advisories/2011/0669
vdb-entry
x_refsource_VUPEN
http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
vendor-advisory
x_refsource_FEDORA
http://www.vupen.com/english/advisories/2011/0643
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2011/0661
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0616.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://hermes.opensuse.org/messages/13195955
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.pidgin.im/news/security/?id=51
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/46837
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=683031
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0703
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/43721
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66055
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/46376
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/43695
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1371.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.vupen.com/english/advisories/2011/0669
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.vupen.com/english/advisories/2011/0643
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0661
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0616.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://hermes.opensuse.org/messages/13195955
vendor-advisory
x_refsource_SUSE
x_transferred
http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c
x_refsource_CONFIRM
x_transferred
http://www.pidgin.im/news/security/?id=51
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/46837
vdb-entry
x_refsource_BID
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=683031
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2011/0703
vdb-entry
x_refsource_VUPEN
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/43721
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884
vendor-advisory
x_refsource_SLACKWARE
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/66055
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/46376
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/43695
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1371.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.vupen.com/english/advisories/2011/0669
vdb-entry
x_refsource_VUPEN
x_transferred
http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.vupen.com/english/advisories/2011/0643
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0661
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0616.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://hermes.opensuse.org/messages/13195955
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.pidgin.im/news/security/?id=51
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/46837
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=683031
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0703
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/43721
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66055
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/46376
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/43695
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1371.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0669
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0643
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:14 Mar, 2011 | 19:55
Updated At:29 Apr, 2026 | 01:13

libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches
Pidgin
pidgin
>>pidgin>>2.6.0
cpe:2.3:a:pidgin:pidgin:2.6.0:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.6.1
cpe:2.3:a:pidgin:pidgin:2.6.1:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.6.2
cpe:2.3:a:pidgin:pidgin:2.6.2:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.6.4
cpe:2.3:a:pidgin:pidgin:2.6.4:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.6.5
cpe:2.3:a:pidgin:pidgin:2.6.5:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.6.6
cpe:2.3:a:pidgin:pidgin:2.6.6:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.0
cpe:2.3:a:pidgin:pidgin:2.7.0:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.1
cpe:2.3:a:pidgin:pidgin:2.7.1:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.2
cpe:2.3:a:pidgin:pidgin:2.7.2:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.3
cpe:2.3:a:pidgin:pidgin:2.7.3:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.4
cpe:2.3:a:pidgin:pidgin:2.7.4:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.5
cpe:2.3:a:pidgin:pidgin:2.7.5:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.6
cpe:2.3:a:pidgin:pidgin:2.7.6:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.7
cpe:2.3:a:pidgin:pidgin:2.7.7:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.8
cpe:2.3:a:pidgin:pidgin:2.7.8:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.9
cpe:2.3:a:pidgin:pidgin:2.7.9:*:*:*:*:*:*:*
Pidgin
pidgin
>>pidgin>>2.7.10
cpe:2.3:a:pidgin:pidgin:2.7.10:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.csecalert@redhat.com
Patch
http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7secalert@redhat.com
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.htmlsecalert@redhat.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/43695secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/43721secalert@redhat.com
N/A
http://secunia.com/advisories/46376secalert@redhat.com
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884secalert@redhat.com
N/A
http://www.pidgin.im/news/security/?id=51secalert@redhat.com
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-0616.htmlsecalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2011-1371.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/46837secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2011/0643secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2011/0661secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2011/0669secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2011/0703secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=683031secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/66055secalert@redhat.com
N/A
https://hermes.opensuse.org/messages/13195955secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402secalert@redhat.com
N/A
http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.caf854a3a-2127-422b-91ae-364da2661108
Patch
http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7af854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43695af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/43721af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/46376af854a3a-2127-422b-91ae-364da2661108
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.pidgin.im/news/security/?id=51af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-0616.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2011-1371.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/46837af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0643af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0661af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0669af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0703af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=683031af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/66055af854a3a-2127-422b-91ae-364da2661108
N/A
https://hermes.opensuse.org/messages/13195955af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/43695
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/43721
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/46376
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.pidgin.im/news/security/?id=51
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0616.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1371.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/46837
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0643
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0661
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0669
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0703
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=683031
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66055
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/13195955
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43695
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/43721
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/46376
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.pidgin.im/news/security/?id=51
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0616.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1371.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/46837
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0643
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0661
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0669
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0703
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=683031
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66055
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/13195955
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

3Records found
CVE-2010-4528
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-2.69% / 86.19%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnect (aka direct connection) session.

Action-Not Available
Vendor-n/aPidgin
Product-libpurplepidginn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-3711
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-1.37% / 80.60%
||
7 Day CHG-0.02%
Published-27 Oct, 2010 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.

Action-Not Available
Vendor-n/aPidgin
Product-pidginn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-2528
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-2.08% / 84.34%
||
7 Day CHG~0.00%
Published-29 Jul, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element.

Action-Not Available
Vendor-n/aPidgin
Product-pidginn/a
Details not found