FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
59e7af2d-8db7-11de-883b-001e3300a30d	pidgin -- MSN overflow parsing SLP messages Secunia reports: A vulnerability has been reported in Pidgin, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in the "msn_slplink_process_msg()" function when processing MSN SLP messages and can be exploited to corrupt memory. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 2.5.8 and prior. Other versions may also be affected. Discovery 2009-08-18 Entry 2009-08-20 pidgin libpurple finch < 2.5.9 CVE-2009-2694 http://secunia.com/advisories/36384/ http://www.pidgin.im/news/security/?id=34
a2c4d3d5-4c7b-11df-83fb-0015587e2cc1	pidgin -- multiple remote denial of service vulnerabilities Three denial of service vulnerabilities where found in pidgin and allow remote attackers to crash the application. The developers summarized these problems as follows: Pidgin can become unresponsive when displaying large numbers of smileys Certain nicknames in group chat rooms can trigger a crash in Finch Failure to validate all fields of an incoming message can trigger a crash Discovery 2010-02-18 Entry 2010-04-20 pidgin < 2.6.6 libpurple < 2.6.6 38294 CVE-2010-0277 CVE-2010-0420 CVE-2010-0423 http://pidgin.im/news/security/?id=43 http://pidgin.im/news/security/?id=44 http://pidgin.im/news/security/?id=45
d057c5e6-5b20-11e4-bebd-000c2980a9f3	libpurple/pidgin -- multiple vulnerabilities The pidgin development team reports: . Discovery 2014-10-22 Entry 2014-10-24 libpurple < 2.10.10 pidgin < 2.10.10 CVE-2014-3694 CVE-2014-3697 CVE-2014-3696 CVE-2014-3695 CVE-2014-3698 https://developer.pidgin.im/wiki/ChangeLog

VuXML ID

Description

59e7af2d-8db7-11de-883b-001e3300a30d

pidgin -- MSN overflow parsing SLP messages

Secunia reports:

A vulnerability has been reported in Pidgin, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to an error in the "msn_slplink_process_msg()" function when processing MSN SLP messages and can be exploited to corrupt memory.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions 2.5.8 and prior. Other versions may also be affected.

Discovery 2009-08-18
Entry 2009-08-20
pidgin
libpurple
finch

< 2.5.9

CVE-2009-2694
http://secunia.com/advisories/36384/
http://www.pidgin.im/news/security/?id=34

a2c4d3d5-4c7b-11df-83fb-0015587e2cc1

pidgin -- multiple remote denial of service vulnerabilities

Three denial of service vulnerabilities where found in pidgin and allow remote attackers to crash the application. The developers summarized these problems as follows:

Pidgin can become unresponsive when displaying large numbers of smileys

Certain nicknames in group chat rooms can trigger a crash in Finch

Failure to validate all fields of an incoming message can trigger a crash

Discovery 2010-02-18
Entry 2010-04-20
pidgin

< 2.6.6

libpurple

< 2.6.6

38294
CVE-2010-0277
CVE-2010-0420
CVE-2010-0423
http://pidgin.im/news/security/?id=43
http://pidgin.im/news/security/?id=44
http://pidgin.im/news/security/?id=45

d057c5e6-5b20-11e4-bebd-000c2980a9f3

libpurple/pidgin -- multiple vulnerabilities

The pidgin development team reports:

.

Discovery 2014-10-22
Entry 2014-10-24
libpurple

< 2.10.10

pidgin

< 2.10.10

CVE-2014-3694
CVE-2014-3697
CVE-2014-3696
CVE-2014-3695
CVE-2014-3698
https://developer.pidgin.im/wiki/ChangeLog