ID CVE-2012-3374
Summary Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
References
Vulnerable Configurations
  • Pidgin 2.0.0
    cpe:2.3:a:pidgin:pidgin:2.0.0
  • Pidgin 2.0.1
    cpe:2.3:a:pidgin:pidgin:2.0.1
  • Pidgin 2.0.2
    cpe:2.3:a:pidgin:pidgin:2.0.2
  • Pidgin 2.1.0
    cpe:2.3:a:pidgin:pidgin:2.1.0
  • Pidgin 2.1.1
    cpe:2.3:a:pidgin:pidgin:2.1.1
  • Pidgin 2.2.0
    cpe:2.3:a:pidgin:pidgin:2.2.0
  • Pidgin 2.2.1
    cpe:2.3:a:pidgin:pidgin:2.2.1
  • Pidgin 2.2.2
    cpe:2.3:a:pidgin:pidgin:2.2.2
  • Pidgin 2.3.0
    cpe:2.3:a:pidgin:pidgin:2.3.0
  • Pidgin 2.3.1
    cpe:2.3:a:pidgin:pidgin:2.3.1
  • Pidgin 2.4.0
    cpe:2.3:a:pidgin:pidgin:2.4.0
  • Pidgin 2.4.1
    cpe:2.3:a:pidgin:pidgin:2.4.1
  • Pidgin 2.4.2
    cpe:2.3:a:pidgin:pidgin:2.4.2
  • Pidgin 2.4.3
    cpe:2.3:a:pidgin:pidgin:2.4.3
  • Pidgin 2.5.0
    cpe:2.3:a:pidgin:pidgin:2.5.0
  • Pidgin 2.5.1
    cpe:2.3:a:pidgin:pidgin:2.5.1
  • Pidgin 2.5.2
    cpe:2.3:a:pidgin:pidgin:2.5.2
  • Pidgin 2.5.3
    cpe:2.3:a:pidgin:pidgin:2.5.3
  • Pidgin 2.5.4
    cpe:2.3:a:pidgin:pidgin:2.5.4
  • Pidgin 2.5.5
    cpe:2.3:a:pidgin:pidgin:2.5.5
  • Pidgin 2.5.6
    cpe:2.3:a:pidgin:pidgin:2.5.6
  • Pidgin 2.5.6
    cpe:2.3:a:pidgin:pidgin:2.5.7
  • Pidgin 2.5.8
    cpe:2.3:a:pidgin:pidgin:2.5.8
  • Pidgin 2.5.9
    cpe:2.3:a:pidgin:pidgin:2.5.9
  • Pidgin 2.6.0
    cpe:2.3:a:pidgin:pidgin:2.6.0
  • Pidgin 2.6.1
    cpe:2.3:a:pidgin:pidgin:2.6.1
  • Pidgin 2.6.2
    cpe:2.3:a:pidgin:pidgin:2.6.2
  • Pidgin 2.6.4
    cpe:2.3:a:pidgin:pidgin:2.6.4
  • Pidgin 2.6.5
    cpe:2.3:a:pidgin:pidgin:2.6.5
  • Pidgin 2.6.6
    cpe:2.3:a:pidgin:pidgin:2.6.6
  • Pidgin 2.7.0
    cpe:2.3:a:pidgin:pidgin:2.7.0
  • Pidgin 2.7.1
    cpe:2.3:a:pidgin:pidgin:2.7.1
  • Pidgin 2.7.2
    cpe:2.3:a:pidgin:pidgin:2.7.2
  • Pidgin 2.7.3
    cpe:2.3:a:pidgin:pidgin:2.7.3
  • Pidgin 2.7.4
    cpe:2.3:a:pidgin:pidgin:2.7.4
  • Pidgin 2.7.5
    cpe:2.3:a:pidgin:pidgin:2.7.5
  • Pidgin 2.7.6
    cpe:2.3:a:pidgin:pidgin:2.7.6
  • Pidgin 2.7.7
    cpe:2.3:a:pidgin:pidgin:2.7.7
  • Pidgin 2.7.8
    cpe:2.3:a:pidgin:pidgin:2.7.8
  • Pidgin 2.7.9
    cpe:2.3:a:pidgin:pidgin:2.7.9
  • Pidgin 2.7.10
    cpe:2.3:a:pidgin:pidgin:2.7.10
  • Pidgin 2.7.11
    cpe:2.3:a:pidgin:pidgin:2.7.11
  • Pidgin 2.8.0
    cpe:2.3:a:pidgin:pidgin:2.8.0
  • Pidgin 2.9.0
    cpe:2.3:a:pidgin:pidgin:2.9.0
  • Pidgin 2.10.0
    cpe:2.3:a:pidgin:pidgin:2.10.0
  • Pidgin 2.10.1
    cpe:2.3:a:pidgin:pidgin:2.10.1
  • Pidgin 2.10.2
    cpe:2.3:a:pidgin:pidgin:2.10.2
  • Pidgin 2.10.3
    cpe:2.3:a:pidgin:pidgin:2.10.3
  • Pidgin 2.10.4
    cpe:2.3:a:pidgin:pidgin:2.10.4
CVSS
Base: 7.5 (as of 09-07-2012 - 10:32)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_PIDGIN_20130716.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. (CVE-2012-3374)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80739
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80739
    title Oracle Solaris Third-Party Patch Update : pidgin (cve_2012_3374_buffer_overflow)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2012-195-02.NASL
    description New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
    last seen 2019-02-21
    modified 2016-05-12
    plugin id 59971
    published 2012-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59971
    title Slackware 12.2 / 13.0 / 13.1 / 13.37 / current : pidgin (SSA:2012-195-02)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FINCH-8220.NASL
    description This update of pidgin fixes a stack-based buffer overflow in the MXit protocol which could have potentially been exploited by remote attackers to execute arbitrary code in the context of the user running pidgin. (CVE-2012-3374)
    last seen 2019-02-21
    modified 2012-07-19
    plugin id 60059
    published 2012-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60059
    title SuSE 10 Security Update : pidgin, finch and libpurple (ZYPP Patch Number 8220)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1500-1.NASL
    description Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. (CVE-2011-4601) Thijs Alkemade discovered that Pidgin incorrectly handled malformed voice and video chat requests in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. (CVE-2011-4602) Diego Bauche Madero discovered that Pidgin incorrectly handled UTF-8 sequences in the SILC protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. (CVE-2011-4603) Julia Lawall discovered that Pidgin incorrectly cleared memory contents used in cryptographic operations. An attacker could exploit this to read the memory contents, leading to an information disclosure. This issue only affected Ubuntu 10.04 LTS. (CVE-2011-4922) Clemens Huebner and Kevin Stange discovered that Pidgin incorrectly handled nickname changes inside chat rooms in the XMPP protocol handler. A remote attacker could exploit this by changing nicknames, leading to a denial of service. This issue only affected Ubuntu 11.10. (CVE-2011-4939) Thijs Alkemade discovered that Pidgin incorrectly handled off-line instant messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. (CVE-2012-1178) Jose Valentin Gutierrez discovered that Pidgin incorrectly handled SOCKS5 proxy connections during file transfer requests in the XMPP protocol handler. A remote attacker could send a specially crafted request and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 12.04 LTS and 11.10. (CVE-2012-2214) Fabian Yamaguchi discovered that Pidgin incorrectly handled malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. (CVE-2012-2318) Ulf Harnhammar discovered that Pidgin incorrectly handled messages with in-line images in the MXit protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2012-3374). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59903
    published 2012-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59903
    title Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : pidgin vulnerabilities (USN-1500-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-10294.NASL
    description New release 2.10.5 Full Upstream ChangeLog : http://developer.pidgin.im/wiki/ChangeLog Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 59976
    published 2012-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59976
    title Fedora 16 : pidgin-2.10.5-1.fc16 (2012-10294)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-1102.NASL
    description From Red Hat Security Advisory 2012:1102 : Updated pidgin packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN message. (CVE-2012-1178) An input validation flaw was found in the way the Pidgin MSN protocol plug-in handled MSN notification messages. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN notification message. (CVE-2012-2318) A buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A remote attacker could use this flaw to crash Pidgin by sending a MXit message containing specially crafted emoticon tags. (CVE-2012-3374) Red Hat would like to thank the Pidgin project for reporting the CVE-2012-3374 issue. Upstream acknowledges Ulf Harnhammar as the original reporter of CVE-2012-3374. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68584
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68584
    title Oracle Linux 6 : pidgin (ELSA-2012-1102)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120719_PIDGIN_ON_SL5_X.NASL
    description Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN message. (CVE-2012-1178) An input validation flaw was found in the way the Pidgin MSN protocol plug-in handled MSN notification messages. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN notification message. (CVE-2012-2318) A buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A remote attacker could use this flaw to crash Pidgin by sending a MXit message containing specially crafted emoticon tags. (CVE-2012-3374) All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61370
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61370
    title Scientific Linux Security Update : pidgin on SL5.x, SL6.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FINCH-120712.NASL
    description This update of pidgin fixes a stack-based buffer overflow in the MXit protocol which could have potentially been exploited by remote attackers to execute arbitrary code in the context of the user running pidgin. (CVE-2012-3374)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64130
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64130
    title SuSE 11.1 Security Update : pidgin, finch and libpurple (SAT Patch Number 6534)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201209-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-201209-17 (Pidgin: Arbitrary code execution) A stack-based buffer overflow vulnerability has been found in the MXit protocol plug-in for libpurple. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the Pidgin process, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 62359
    published 2012-09-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62359
    title GLSA-201209-17 : Pidgin: Arbitrary code execution
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-1102.NASL
    description Updated pidgin packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN message. (CVE-2012-1178) An input validation flaw was found in the way the Pidgin MSN protocol plug-in handled MSN notification messages. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN notification message. (CVE-2012-2318) A buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A remote attacker could use this flaw to crash Pidgin by sending a MXit message containing specially crafted emoticon tags. (CVE-2012-3374) Red Hat would like to thank the Pidgin project for reporting the CVE-2012-3374 issue. Upstream acknowledges Ulf Harnhammar as the original reporter of CVE-2012-3374. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 60067
    published 2012-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60067
    title CentOS 5 / 6 : pidgin (CESA-2012:1102)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-10287.NASL
    description New release 2.10.5 Full Upstream ChangeLog : http://developer.pidgin.im/wiki/ChangeLog Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 59941
    published 2012-07-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59941
    title Fedora 17 : pidgin-2.10.5-1.fc17 (2012-10287)
  • NASL family Windows
    NASL id PIDGIN_2_10_5.NASL
    description The version of Pidgin installed on the remote host is earlier than 2.10.5. As such, it is potentially affected by a stack-based buffer overflow vulnerability. An error in the function 'mxit_show_message' in the file 'libpurple/protocols/mxit/markup.c' can allow a stack-based buffer overflow to occur when parsing a received message containing inline images. This can result in application crashes and potentially arbitrary code execution.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 59969
    published 2012-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59969
    title Pidgin < 2.10.5 mxit_show_message Function RX Message Inline Image Parsing Remote Overflow
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2509.NASL
    description Ulf Harnhammar found a buffer overflow in Pidgin, a multi protocol instant messaging client. The vulnerability can be exploited by an incoming message in the MXit protocol plugin. A remote attacker may cause a crash, and in some circumstances can lead to remote code execution.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59890
    published 2012-07-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59890
    title Debian DSA-2509-1 : pidgin - remote code execution
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2012-105.NASL
    description A vulnerability has been discovered and corrected in pidgin : Incorrect handing of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code (CVE-2012-3374). This update provides pidgin 2.10.6, which is not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 61958
    published 2012-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61958
    title Mandriva Linux Security Advisory : pidgin (MDVSA-2012:105)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1102.NASL
    description Updated pidgin packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN message. (CVE-2012-1178) An input validation flaw was found in the way the Pidgin MSN protocol plug-in handled MSN notification messages. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially crafted MSN notification message. (CVE-2012-2318) A buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A remote attacker could use this flaw to crash Pidgin by sending a MXit message containing specially crafted emoticon tags. (CVE-2012-3374) Red Hat would like to thank the Pidgin project for reporting the CVE-2012-3374 issue. Upstream acknowledges Ulf Harnhammar as the original reporter of CVE-2012-3374. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 60076
    published 2012-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60076
    title RHEL 5 / 6 : pidgin (RHSA-2012:1102)
oval via4
accepted 2013-09-30T04:00:40.425-04:00
class vulnerability
contributors
name Shane Shaffer
organization G2, Inc.
definition_extensions
comment Pidgin is installed
oval oval:org.mitre.oval:def:12366
description Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
family windows
id oval:org.mitre.oval:def:17678
status accepted
submitted 2013-08-16T15:36:10.221-04:00
title Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message
version 4
redhat via4
advisories
bugzilla
id 837319
title CVE-2012-3374 pidgin: Stack-based buffer overwrite in MXit protocol libPurple plug-in
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment finch is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102012
        • comment finch is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584016
      • AND
        • comment finch-devel is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102008
        • comment finch-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584014
      • AND
        • comment libpurple is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102016
        • comment libpurple is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584020
      • AND
        • comment libpurple-devel is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102014
        • comment libpurple-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584018
      • AND
        • comment libpurple-perl is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102010
        • comment libpurple-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584010
      • AND
        • comment libpurple-tcl is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102018
        • comment libpurple-tcl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584012
      • AND
        • comment pidgin is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102002
        • comment pidgin is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584008
      • AND
        • comment pidgin-devel is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102006
        • comment pidgin-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584024
      • AND
        • comment pidgin-perl is earlier than 0:2.6.6-11.el5.4
          oval oval:com.redhat.rhsa:tst:20121102004
        • comment pidgin-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584022
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment finch is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102026
        • comment finch is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890020
      • AND
        • comment finch-devel is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102028
        • comment finch-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890012
      • AND
        • comment libpurple is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102030
        • comment libpurple is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890008
      • AND
        • comment libpurple-devel is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102034
        • comment libpurple-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890016
      • AND
        • comment libpurple-perl is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102042
        • comment libpurple-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890014
      • AND
        • comment libpurple-tcl is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102036
        • comment libpurple-tcl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890022
      • AND
        • comment pidgin is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102024
        • comment pidgin is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890006
      • AND
        • comment pidgin-devel is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102040
        • comment pidgin-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890018
      • AND
        • comment pidgin-docs is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102038
        • comment pidgin-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890024
      • AND
        • comment pidgin-perl is earlier than 0:2.7.9-5.el6.2
          oval oval:com.redhat.rhsa:tst:20121102032
        • comment pidgin-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100890010
rhsa
id RHSA-2012:1102
released 2012-07-19
severity Moderate
title RHSA-2012:1102: pidgin security update (Moderate)
rpms
  • finch-0:2.6.6-11.el5.4
  • finch-devel-0:2.6.6-11.el5.4
  • libpurple-0:2.6.6-11.el5.4
  • libpurple-devel-0:2.6.6-11.el5.4
  • libpurple-perl-0:2.6.6-11.el5.4
  • libpurple-tcl-0:2.6.6-11.el5.4
  • pidgin-0:2.6.6-11.el5.4
  • pidgin-devel-0:2.6.6-11.el5.4
  • pidgin-perl-0:2.6.6-11.el5.4
  • finch-0:2.7.9-5.el6.2
  • finch-devel-0:2.7.9-5.el6.2
  • libpurple-0:2.7.9-5.el6.2
  • libpurple-devel-0:2.7.9-5.el6.2
  • libpurple-perl-0:2.7.9-5.el6.2
  • libpurple-tcl-0:2.7.9-5.el6.2
  • pidgin-0:2.7.9-5.el6.2
  • pidgin-devel-0:2.7.9-5.el6.2
  • pidgin-docs-0:2.7.9-5.el6.2
  • pidgin-perl-0:2.7.9-5.el6.2
refmap via4
confirm
mandriva MDVSA-2012:105
secunia 50005
suse SUSE-SU-2012:0890
Last major update 10-10-2014 - 00:54
Published 07-07-2012 - 06:21
Last modified 30-11-2017 - 21:29
Back to Top