Back to search
CVE-2010-3711
Published: Oct 27, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2010-17130
vendor-advisory
x_refsource_FEDORA
RHSA-2010:0788
vendor-advisory
x_refsource_REDHAT
ADV-2010-2753
vdb-entry
x_refsource_VUPEN
pidgin-purplebase64decode-dos(62708)
vdb-entry
x_refsource_XF
ADV-2010-2754
vdb-entry
x_refsource_VUPEN
SSA:2010-305-02
vendor-advisory
x_refsource_SLACKWARE
FEDORA-2010-16629
vendor-advisory
x_refsource_FEDORA
1024623
vdb-entry
x_refsource_SECTRACK
44283
vdb-entry
x_refsource_BID
42294
third-party-advisory
x_refsource_SECUNIA
42075
third-party-advisory
x_refsource_SECUNIA
68773
vdb-entry
x_refsource_OSVDB
RHSA-2010:0890
vendor-advisory
x_refsource_REDHAT
USN-1014-1
vendor-advisory
x_refsource_UBUNTU
41893
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=641921
x_refsource_CONFIRM
ADV-2010-2851
vdb-entry
x_refsource_VUPEN
ADV-2010-2847
vdb-entry
x_refsource_VUPEN
FEDORA-2010-16876
vendor-advisory
x_refsource_FEDORA
41899
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:18506
vdb-entry
signature
x_refsource_OVAL
ADV-2010-2755
vdb-entry
x_refsource_VUPEN
ADV-2010-2870
vdb-entry
x_refsource_VUPEN
MDVSA-2010:208
vendor-advisory
x_refsource_MANDRIVA
http://pidgin.im/news/security/?id=48
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now