2014-02-06 18:00:05 2014-03-16 05:42:40

libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (crash) via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
John Nunemaker httparty 0.1.5 John Nunemaker httparty 0.1.7 John Nunemaker httparty 0.1.6 John Nunemaker crack 0.3.0 John Nunemaker httparty 0.6.0 John Nunemaker httparty 0.7.1 John Nunemaker httparty 0.4.3 John Nunemaker crack 0.3.1 John Nunemaker httparty 0.5.2 Pidgin Pidgin 2.6.3 (not an official CPE) John Nunemaker httparty 0.4.2 John Nunemaker crack 0.3.2 John Nunemaker httparty 0.4.4 John Nunemaker httparty 0.8.0 John Nunemaker httparty 0.3.1 John Nunemaker httparty 0.4.0 John Nunemaker httparty 0.2.9 John Nunemaker httparty 0.3.0 John Nunemaker httparty 0.7.0 John Nunemaker httparty 0.6.1 John Nunemaker httparty 0.4.1 mod_ldap_userdir 1.1.8 mod_ldap_userdir 1.1.7 mod_ldap_userdir 1.4 John Nunemaker httparty 0.7.7 John Nunemaker httparty 0.4.5 John Nunemaker httparty 0.5.1 John Nunemaker httparty 0.5.0 John Nunemaker httparty 0.1.0 John Nunemaker httparty 0.7.6 John Nunemaker httparty 0.1.3 John Nunemaker httparty 0.1.2 John Nunemaker httparty 0.7.8 John Nunemaker httparty 0.7.3 John Nunemaker httparty 0.7.2 Pidgin Pidgin 2.10.7 (not an official CPE) John Nunemaker httparty 0.7.5 John Nunemaker httparty 0.7.4 John Nunemaker httparty 0.1.1 John Nunemaker httparty 0.2.0 John Nunemaker crack 0.1.8 John Nunemaker httparty 0.1.8 John Nunemaker crack 0.2.0 John Nunemaker httparty 0.2.6 John Nunemaker httparty 0.2.3 John Nunemaker httparty 0.8.1 John Nunemaker httparty 0.2.1 John Nunemaker httparty 0.2.4 John Nunemaker httparty 0.2.10 John Nunemaker httparty 0.2.7 John Nunemaker httparty 0.2.2 John Nunemaker httparty 0.2.8 John Nunemaker httparty 0.2.5