Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 30 results


CVE-2009-2694

Medium priority

Some fixes available 3 of 4

The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2009-1376

Medium priority
Fixed

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2009-1375

Medium priority
Fixed

The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash)...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2009-1374

Medium priority
Fixed

Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2009-1373

Medium priority
Fixed

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2008-3532

Low priority

Some fixes available 2 of 3

The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2008-2927

Medium priority

Some fixes available 3 of 4

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2008-2957

Low priority

Some fixes available 2 of 3

The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2008-2956

Low priority
Ignored

** DISPUTED ** Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream...

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages

CVE-2008-2955

Low priority

Some fixes available 2 of 3

Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.

2 affected packages

gaim, pidgin

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gaim
pidgin
Show less packages