|Max CVSS||5.0||Min CVSS||2.1||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
|19-09-2017 - 01:34||08-08-2012 - 10:26|
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted message.
|19-09-2017 - 01:34||17-12-2011 - 03:54|
family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted (1) AIM or
|19-09-2017 - 01:34||25-12-2011 - 01:55|
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allo
|19-09-2017 - 01:32||14-03-2011 - 19:55|