Описание
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-4996
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36884
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18261
- http://fedoranews.org/updates/FEDORA-2007-236.shtml
- http://secunia.com/advisories/27010
- http://secunia.com/advisories/27088
- http://www.pidgin.im/news/security/?id=23
- http://www.securityfocus.com/archive/1/481402/100/0/threaded
- http://www.securityfocus.com/bid/25872
- http://www.vupen.com/english/advisories/2007/3321
EPSS
CVE ID
Связанные уязвимости
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge me ...
EPSS