Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4999

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4999
Last Modified 02 Nov 2013 10:28:55
Published 29 Oct 2007 06:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4999

Summary

libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996.

Vulnerable Systems

Application

  • Pidgin 2.1.0

  • Pidgin 2.2.0

  • Pidgin 2.2.1


References

CONFIRM - http://www.pidgin.im/news/security/?id=24

SECUNIA - 27372

VUPEN - ADV-2007-3624

OSVDB - 38695

FEDORA - FEDORA-2007-2714

XF - pidgin-htmldata-dos(38132)

UBUNTU - USN-548-1

BID - 26205

BUGTRAQ - 20071112 FLEA-2007-0067-1 pidgin

SECUNIA - 27858

SECUNIA - 27495


Last Updated: 27 May 2016 10:46:02