Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2957

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-2957
Last Modified 02 Nov 2013 10:38:05
Published 01 Jul 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2957

Summary

The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.

Vulnerable Systems

Application

  • Pidgin 2.0.0


References

BID - 29985

REDHAT - RHSA-2008:1023

MLIST - [oss-security] 20080627 CVE Request (pidgin)

MANDRIVA - MDVSA-2009:025

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-493.htm

SECUNIA - 33102

MISC - http://crisp.cs.du.edu/?q=ca2007-1

UBUNTU - USN-675-1

SECUNIA - 32859


Last Updated: 27 May 2016 10:49:46