Back to search
CVE-2010-4528
Published: Jan 7, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnect (aka direct connection) session.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=665421
x_refsource_CONFIRM
SUSE-SR:2011:001
vendor-advisory
x_refsource_SUSE
http://www.pidgin.im/news/security/?id=49
x_refsource_CONFIRM
MDVSA-2010:259
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:18461
vdb-entry
signature
x_refsource_OVAL
45581
vdb-entry
x_refsource_BID
42877
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0028
vdb-entry
x_refsource_VUPEN
[support] 20101227 Pidgin 2.7.9 released
mailing-list
x_refsource_MLIST
42732
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0076
vdb-entry
x_refsource_VUPEN
ADV-2011-0054
vdb-entry
x_refsource_VUPEN
FEDORA-2010-19314
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-19317
vendor-advisory
x_refsource_FEDORA
42824
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now