Max CVSS | 6.4 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-3694 | 6.4 |
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows m
|
30-10-2018 - 16:27 | 29-10-2014 - 10:55 | |
CVE-2014-3696 | 5.0 |
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.
|
05-01-2018 - 02:29 | 29-10-2014 - 10:55 | |
CVE-2014-3695 | 5.0 |
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
|
05-01-2018 - 02:29 | 29-10-2014 - 10:55 | |
CVE-2014-3698 | 5.0 |
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.
|
05-01-2018 - 02:29 | 29-10-2014 - 10:55 | |
CVE-2014-3697 | 6.4 |
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.
|
20-11-2014 - 02:59 | 29-10-2014 - 10:55 |