QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1091

Published: Mar 14, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2012:0066

vendor-advisory

x_refsource_SUSE

http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c

x_refsource_CONFIRM

http://www.pidgin.im/news/security/?id=51

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=683031

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

FEDORA-2011-3150

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

SSA:2011-070-02

vendor-advisory

x_refsource_SLACKWARE

pidgin-yahoo-protocol-dos(66055)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

oval:org.mitre.oval:def:18402

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_VUPEN

http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7

x_refsource_CONFIRM

FEDORA-2011-3113

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.