Back to search
CVE-2011-3184
Published: Aug 29, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2011-11544
vendor-advisory
x_refsource_FEDORA
[oss-security] 20110822 Re: CVE request: Pidgin crash
mailing-list
x_refsource_MLIST
oval:org.mitre.oval:def:18284
vdb-entry
signature
x_refsource_OVAL
pidgin-msn-protocol-dos(69341)
vdb-entry
x_refsource_XF
http://pidgin.im/news/security/?id=54
x_refsource_CONFIRM
45663
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20110822 Re: CVE request: Pidgin crash
mailing-list
x_refsource_MLIST
[oss-security] 20110822 Re: CVE request: Pidgin crash
mailing-list
x_refsource_MLIST
FEDORA-2011-11595
vendor-advisory
x_refsource_FEDORA
45916
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20110822 Re: CVE request: Pidgin crash
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=732405
x_refsource_CONFIRM
49268
vdb-entry
x_refsource_BID
1025961
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now