ID CVE-2008-2956
Summary Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scenario under which a problem occurred and the original reporter wasn't able to supply any sort of reproduction details."
References
Vulnerable Configurations
  • cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 21-03-2024 - 02:17)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 29985
bugtraq 20080806 rPSA-2008-0246-1 gaim
confirm
misc http://crisp.cs.du.edu/?q=ca2007-1
mlist [oss-security] 20080627 CVE Request (pidgin)
secunia 31387
Last major update 21-03-2024 - 02:17
Published 01-07-2008 - 22:41
Last modified 21-03-2024 - 02:17
Back to Top