| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-2927 | 6.8 |
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to
|
13-02-2023 - 02:19 | 07-07-2008 - 23:41 | |
| CVE-2008-2955 | 4.3 |
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
|
11-10-2018 - 20:45 | 01-07-2008 - 22:41 | |
| CVE-2008-3532 | 6.8 |
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
|
29-09-2017 - 01:31 | 08-08-2008 - 19:41 | |
| CVE-2008-2957 | 6.4 |
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
|
29-09-2017 - 01:31 | 01-07-2008 - 22:41 |