Test ID:	1.3.6.1.4.1.25623.1.0.801536
Category:	Denial of Service
Title:	Pidgin Libpurple 'purple_base64_decode()' DoS Vulnerabilities - Windows
Summary:	Pidgin is prone to denial of service (DoS) vulnerabilities.
Description:	Summary: Pidgin is prone to denial of service (DoS) vulnerabilities. Vulnerability Insight: The issues are caused by errors in 'libpurple' that does not validate the return value from 'purple_base64_decode()' function when processing malformed Yahoo!, MSN, MySpaceIM, XMPP or NTLM data. Vulnerability Impact: Attackers can exploit this issue to crash an affected application. Affected Software/OS: Pidgin version prior to 2.7.4 on Windows. Solution: Upgrade to Pidgin version 2.7.4 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3711 1024623 http://securitytracker.com/id?1024623 41893 http://secunia.com/advisories/41893 41899 http://secunia.com/advisories/41899 42075 http://secunia.com/advisories/42075 42294 http://secunia.com/advisories/42294 44283 http://www.securityfocus.com/bid/44283 68773 http://www.osvdb.org/68773 ADV-2010-2753 http://www.vupen.com/english/advisories/2010/2753 ADV-2010-2754 http://www.vupen.com/english/advisories/2010/2754 ADV-2010-2755 http://www.vupen.com/english/advisories/2010/2755 ADV-2010-2847 http://www.vupen.com/english/advisories/2010/2847 ADV-2010-2851 http://www.vupen.com/english/advisories/2010/2851 ADV-2010-2870 http://www.vupen.com/english/advisories/2010/2870 FEDORA-2010-16629 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050227.html FEDORA-2010-16876 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050133.html FEDORA-2010-17130 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050695.html MDVSA-2010:208 http://www.mandriva.com/security/advisories?name=MDVSA-2010:208 RHSA-2010:0788 http://www.redhat.com/support/errata/RHSA-2010-0788.html RHSA-2010:0890 http://www.redhat.com/support/errata/RHSA-2010-0890.html SSA:2010-305-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.462352 USN-1014-1 http://www.ubuntu.com/usn/USN-1014-1 http://developer.pidgin.im/viewmtn/revision/info/b01c6a1f7fe4d86b83f5f10917b3cb713989cfcc http://pidgin.im/news/security/?id=48 https://bugzilla.redhat.com/show_bug.cgi?id=641921 oval:org.mitre.oval:def:18506 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18506 pidgin-purplebase64decode-dos(62708) https://exchange.xforce.ibmcloud.com/vulnerabilities/62708
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.