Request for CVEs for Pidgin

Tomas Hoger thoger at
Wed Jan 15 16:58:46 EST 2014

Hi Mark!

Here is the list I got form Kurt:

CVE-2012-6152 Pidgin: ISSUE-01 Yahoo! remote crash from incorrect
character encoding.

CVE-2013-6477 Pidgin: ISSUE-02 Crash handling bad XMPP timestamp.

CVE-2013-6478 Pidgin: ISSUE-03 Crash when hovering pointer over a long

CVE-2013-6479 Pidgin: ISSUE-04 Remote crash parsing HTTP responses.

CVE-2013-6481 Pidgin: ISSUE-05 Remote crash reading Yahoo! P2P message.

CVE-2013-6482 Pidgin: ISSUE-06, ISSUE-07, ISSUE-08 NULL pointer
dereference parsing in MSN.

CVE-2013-6483 Pidgin: ISSUE-09 XMPP doesn't verify 'from' on some iq

CVE-2013-6484 Pidgin: ISSUE-10 Crash reading response from STUN server.

CVE-2013-6485 Pidgin: ISSUE-11 Buffer overflow parsing chunked HTTP

CVE-2013-6486 Pidgin: ISSUE-12 Pidgin uses clickable links to
untrusted executables.

CVE-2013-6487 Pidgin: ISSUE-13, ISSUE-14, ISSUE-15 Buffer overflow
(read -1 from network)

CVE-2014-0020 Pidgin: ISSUE-16 Remotely triggerable crash in IRC
argument parsing.

Tomas Hoger / Red Hat Security Response Team

More information about the security mailing list