Request for CVEs for Pidgin
Tomas Hoger
thoger at redhat.com
Wed Jan 15 16:58:46 EST 2014
Hi Mark!
Here is the list I got form Kurt:
CVE-2012-6152 Pidgin: ISSUE-01 Yahoo! remote crash from incorrect
character encoding.
CVE-2013-6477 Pidgin: ISSUE-02 Crash handling bad XMPP timestamp.
CVE-2013-6478 Pidgin: ISSUE-03 Crash when hovering pointer over a long
URL.
CVE-2013-6479 Pidgin: ISSUE-04 Remote crash parsing HTTP responses.
CVE-2013-6481 Pidgin: ISSUE-05 Remote crash reading Yahoo! P2P message.
CVE-2013-6482 Pidgin: ISSUE-06, ISSUE-07, ISSUE-08 NULL pointer
dereference parsing in MSN.
CVE-2013-6483 Pidgin: ISSUE-09 XMPP doesn't verify 'from' on some iq
replies.
CVE-2013-6484 Pidgin: ISSUE-10 Crash reading response from STUN server.
CVE-2013-6485 Pidgin: ISSUE-11 Buffer overflow parsing chunked HTTP
transfers.
CVE-2013-6486 Pidgin: ISSUE-12 Pidgin uses clickable links to
untrusted executables.
CVE-2013-6487 Pidgin: ISSUE-13, ISSUE-14, ISSUE-15 Buffer overflow
(read -1 from network)
CVE-2014-0020 Pidgin: ISSUE-16 Remotely triggerable crash in IRC
argument parsing.
--
Tomas Hoger / Red Hat Security Response Team
More information about the security
mailing list