Denial of Service : Pidgin Oscar Protocol Denial of Service Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801030

Categoría: Denial of Service

Título: Pidgin Oscar Protocol Denial of Service Vulnerability - Windows

Resumen: Pidgin is prone to a denial of service (DoS); vulnerability.

Descripción: Summary:
Pidgin is prone to a denial of service (DoS)
vulnerability.

Vulnerability Insight:
This issue is caused by an error in the Oscar protocol plugin when processing
malformed ICQ or AIM contacts sent by the SIM IM client, which could cause an
invalid memory access leading to a crash.

Vulnerability Impact:
Successful exploitation will allow attacker to cause a Denial of Service.

Affected Software/OS:
Pidgin version prior to 2.6.3 on Windows.

Solution:
Upgrade to Pidgin version 2.6.3.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3615
36719
http://www.securityfocus.com/bid/36719
37017
http://secunia.com/advisories/37017
37072
http://secunia.com/advisories/37072
ADV-2009-2949
http://www.vupen.com/english/advisories/2009/2949
ADV-2009-2951
http://www.vupen.com/english/advisories/2009/2951
ADV-2010-1020
http://www.vupen.com/english/advisories/2010/1020
MDVSA-2010:085
http://www.mandriva.com/security/advisories?name=MDVSA-2010:085
http://developer.pidgin.im/ticket/10481
http://developer.pidgin.im/viewmtn/revision/info/781682333aea0c801d280c3507ee25552a60bfc0
http://developer.pidgin.im/wiki/ChangeLog
http://www.pidgin.im/news/security/?id=41
oval:org.mitre.oval:def:18388
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18388
oval:org.mitre.oval:def:9414
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9414
pidgin-oscar-protocol-dos(53807)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53807

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801030
Categoría:	Denial of Service
Título:	Pidgin Oscar Protocol Denial of Service Vulnerability - Windows
Resumen:	Pidgin is prone to a denial of service (DoS); vulnerability.
Descripción:	Summary: Pidgin is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: This issue is caused by an error in the Oscar protocol plugin when processing malformed ICQ or AIM contacts sent by the SIM IM client, which could cause an invalid memory access leading to a crash. Vulnerability Impact: Successful exploitation will allow attacker to cause a Denial of Service. Affected Software/OS: Pidgin version prior to 2.6.3 on Windows. Solution: Upgrade to Pidgin version 2.6.3. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3615 36719 http://www.securityfocus.com/bid/36719 37017 http://secunia.com/advisories/37017 37072 http://secunia.com/advisories/37072 ADV-2009-2949 http://www.vupen.com/english/advisories/2009/2949 ADV-2009-2951 http://www.vupen.com/english/advisories/2009/2951 ADV-2010-1020 http://www.vupen.com/english/advisories/2010/1020 MDVSA-2010:085 http://www.mandriva.com/security/advisories?name=MDVSA-2010:085 http://developer.pidgin.im/ticket/10481 http://developer.pidgin.im/viewmtn/revision/info/781682333aea0c801d280c3507ee25552a60bfc0 http://developer.pidgin.im/wiki/ChangeLog http://www.pidgin.im/news/security/?id=41 oval:org.mitre.oval:def:18388 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18388 oval:org.mitre.oval:def:9414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9414 pidgin-oscar-protocol-dos(53807) https://exchange.xforce.ibmcloud.com/vulnerabilities/53807
Copyright	Copyright (C) 2009 Greenbone AG