Summary
This host has Pidgin installed and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker obtain sensitive information by sniffing XMPP sessions and cause application crash.
Impact Level: Application
Solution
Upgrade to Pidgin version 2.6.1
http://pidgin.im/download
Insight
- The application connects to Jabberd servers that are not fully compliant with the XMPP specifications without encryption, even if the 'Require SSL/TLS' setting is configured.
- An error ocurrs in compililg libpurple while processing malicious links received via the Yahoo Messenger protocol.
Affected
Pidgin version 2.6.0 on Windows
References
Severity
Classification
-
CVE CVE-2009-3025, CVE-2009-3026 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat servlet/JSP container default files
- Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)
- Adobe Reader Information Disclosure Vulnerability Jun05 (Mac OS X)
- Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability June-2011 (Linux)
- Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)