PT-2010-2192 · Pidgin+1 · Pidgin+1
Sadrul Habib Chowdhury
Published: 2010-02-18 · Updated: 2017-09-19
CVE-2010-0420
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Pidgin versions prior to 2.6.6
Description
The issue is in the parsing of nicknames in XMPP multi-user chat rooms. A nickname containing a <br> sequence is parsed improperly and can crash the application, resulting in a denial of service.
Recommendations
For versions prior to 2.6.6, update to version 2.6.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of nicknames containing <br> sequences in XMPP multi-user chat rooms to minimize the risk of exploitation.
Fix
DoS
RCE
Weakness Enumeration
Related Identifiers
Affected Products
Pidgin
Red Hat