ID CVE-2008-2956
Summary ** DISPUTED ** Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scenario under which a problem occurred and the original reporter wasn't able to supply any sort of reproduction details."
References
Vulnerable Configurations
  • cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-10-2018 - 20:45)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 29985
bugtraq 20080806 rPSA-2008-0246-1 gaim
confirm
misc http://crisp.cs.du.edu/?q=ca2007-1
mlist [oss-security] 20080627 CVE Request (pidgin)
secunia 31387
Last major update 11-10-2018 - 20:45
Published 01-07-2008 - 22:41
Last modified 11-10-2018 - 20:45
Back to Top