CVE-2013-0271

Related Files

Gentoo Linux Security Advisory 201405-22

Posted May 19, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-22 - Multiple vulnerabilities in Pidgin may allow execution of arbitrary code. Versions less than 2.10.9 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2012-6152, CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274, CVE-2013-6477, CVE-2013-6478, CVE-2013-6479, CVE-2013-6481, CVE-2013-6482, CVE-2013-6483, CVE-2013-6484, CVE-2013-6485, CVE-2013-6487, CVE-2013-6489, CVE-2013-6490, CVE-2014-0020

SHA-256 | d6ade25d1829f578c0c4b87491c29680a25c44d0e8a781b9891d64b725a269ed

Download | Favorite | View

Mandriva Linux Security Advisory 2013-025

Posted Mar 14, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-025 - The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted mxit/imagestrips pathname. Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header. sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service via a crafted packet. upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service by leveraging access to the local network. This update provides pidgin 2.10.7, which is not vulnerable to these issues.

tags | advisory, remote, web, denial of service, overflow, arbitrary, local, protocol

systems | linux, mandriva

advisories | CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274

SHA-256 | 1947a7196d370ec292c6d6196bc378f7ab94ffd059b4a95d0ad67f48a214a6e6

Download | Favorite | View

Ubuntu Security Notice USN-1746-1

Posted Feb 25, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1746-1 - Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. It was discovered that Pidgin incorrectly handled long HTTP headers in the MXit protocol handler. A malicious remote server could use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary, protocol

systems | linux, ubuntu

advisories | CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274, CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274

SHA-256 | cab8da5f6e98651feb98f652311a38e0a1209f3942cdce9adda737ce25ba333d

Download | Favorite | View

Slackware Security Advisory - Pidgin Updates

Posted Feb 14, 2013

Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.

tags | advisory

systems | linux, slackware

advisories | CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274

SHA-256 | 4b6f131bd8e719fd8ff262590dbb3da0c22a6604e04ce625b7d0bb362f40453a

Download | Favorite | View