Pidgin Oscar Protocol Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

This host has Pidgin installed and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will allow attacker to cause a Denial of Service. Impact Level: Application

Solution

Upgrade to Pidgin version 2.6.3 http://pidgin.im/download

Insight

This issue is caused by an error in the Oscar protocol plugin when processing malformed ICQ or AIM contacts sent by the SIM IM client, which could cause an invalid memory access leading to a crash.

Affected

Pidgin version prior to 2.6.3 on Windows.

References

http://developer.pidgin.im/wiki/ChangeLog
http://secunia.com/advisories/37072
http://www.pidgin.im/news/security/?id=41
http://xforce.iss.net/xforce/xfdb/53807

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3615
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
Firefox 'nsObserverList::FillObserverArray' DOS Vulnerability (Win)
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
F-PROT Antivirus Multiple Vulnerabilities
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win

Pidgin Oscar Protocol Denial of Service Vulnerability (Win)

Take action and discover your vulnerabilities