- Home
- CVEs with nessus.description==The version of Pidgin installed on the remote host is a version prior to 2.10.10. It is, therefore, affected by the following vulnerabilities :
- An error exists in the included libpurple library related the SSL Basic Constraints extension and Certificate Authority (CA) verification that allows intermediate certificates to be trusted as a CA.
(CVE-2014-3694)
- An error exists in the included libpurple library related to emoticon handling that allows an attacker to crash the application. (CVE-2014-3695)
- An error exists in the included libpurple library related to 'Groupwise' message handling and UI memory management that allows an attacker to crash the application. (CVE-2014-3696)
- An error exists related to handling 'untar' operations on 'smiley themes' that allows arbitrary file overwrites. This issue only affects installs on Microsoft Windows. (CVE-2014-3697)
- An error exists in the included libpurple library related to handling XMPP messages that allows an attacker to obtain arbitrary memory contents.
(CVE-2014-3698)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top