Test ID:	1.3.6.1.4.1.25623.1.0.802906
Category:	Denial of Service
Title:	Pidgin MSN and XMPP Denial of Service Vulnerabilities - Windows
Summary:	This host has installed with Pidgin and is prone to denial of; service vulnerabilities.
Description:	Summary: This host has installed with Pidgin and is prone to denial of service vulnerabilities. Vulnerability Insight: - An error in 'msn_message_parse_payload()' function handling messages with certain characters or character encodings can be exploited to cause a crash. - An error in SOCKS5 proxy handling code can be exploited to dereference an invalid pointer and cause a crash by sending multiple specially crafted file transfer requests. Vulnerability Impact: Successful exploitation will allow attacker to crash the affected application. Affected Software/OS: Pidgin version prior 2.10.4 on Windows Solution: Upgrade to Pidgin version 2.10.4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2318 BugTraq ID: 53400 http://www.securityfocus.com/bid/53400 http://www.mandriva.com/security/advisories?name=MDVSA-2012:082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17448 RedHat Security Advisories: RHSA-2012:1102 http://rhn.redhat.com/errata/RHSA-2012-1102.html http://secunia.com/advisories/50005 SuSE Security Announcement: openSUSE-SU-2012:0866 (Google Search) https://hermes.opensuse.org/messages/15136503 Common Vulnerability Exposure (CVE) ID: CVE-2012-2214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17886
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.