PT-2012-3949 · Pidgin+3 · Libpurple+4

Publicado

2012-07-03

·

Atualizado

2017-12-29

·

CVE-2012-2318

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Pidgin versions prior to 2.10.4
Description The issue is related to the MSN protocol plugin in libpurple, where crafted characters in a text/plain message can cause a denial of service, resulting in an application crash.
Recommendations For versions prior to 2.10.4, update to version 2.10.4 or later to resolve the issue.

Exploit

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CESA-2012_1102
CVE-2012-2318
RHSA-2012:1102
RHSA-2012_1102

Produtos afetados

Centos
Pidgin
Red Hat
Suse
Libpurple