Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2014:9213

Overview

Id SUSE-2014:9213
Name Novell SUSE 2014:9213 finch security update for SLED 11 SP3 x86_64
Vendor Name novell
Product Novell
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 08 May 2014 12:00:00

SUSE-2014:9213

Novell SUSE 2014:9213 finch security update for SLED 11 SP3 x86_64

Vendor Name

novell

Product

Novell

Released On

08 May 2014 12:00:00

Url

http://www.novell.com/support

Description

LSAC(v2)
The pidgin Instant Messenger has been updated to fix various security issues: * CVE-2014-0020: Remotely triggerable crash in IRC argument parsing * CVE-2013-6490: Buffer overflow in SIMPLE header parsing * CVE-2013-6489: Buffer overflow in MXit emoticon parsing * CVE-2013-6487: Buffer overflow in Gadu-Gadu HTTP parsing * CVE-2013-6486: Pidgin uses clickable links to untrusted executables * CVE-2013-6485: Buffer overflow parsing chunked HTTP responses * CVE-2013-6484: Crash reading response from STUN server * CVE-2013-6483: XMPP doesn't verify 'from' on some iq replies * CVE-2013-6482: NULL pointer dereference parsing SOAP data in MSN * CVE-2013-6482: NULL pointer dereference parsing OIM data in MSN * CVE-2013-6482: NULL pointer dereference parsing headers in MSN * CVE-2013-6481: Remote crash reading Yahoo! P2P message * CVE-2013-6479: Remote crash parsing HTTP responses * CVE-2013-6478: Crash when hovering pointer over a long URL * CVE-2013-6477: Crash handling bad XMPP timestamp * CVE-2012-6152: Yahoo! remote crash from incorrect character encoding Security Issue references: * CVE-2014-0020 * CVE-2013-6490 * CVE-2013-6489 * CVE-2013-6487 * CVE-2013-6486 * CVE-2013-6485 * CVE-2013-6484 * CVE-2013-6483 * CVE-2013-6482 * CVE-2013-6481 * CVE-2013-6479 * CVE-2013-6478 * CVE-2013-6477 * CVE-2012-6152

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches

None


Last Updated: 27 May 2016 11:18:55