Detections
Analytics
CVE-2009-1373
critical
Description
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information.
References
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17722
https://exchange.xforce.ibmcloud.com/vulnerabilities/50682
https://bugzilla.redhat.com/show_bug.cgi?id=500488
http://www.vupen.com/english/advisories/2009/1396
http://www.ubuntu.com/usn/USN-781-2
http://www.ubuntu.com/usn/USN-781-1
http://www.securityfocus.com/bid/35067
http://www.redhat.com/support/errata/RHSA-2009-1060.html
http://www.redhat.com/support/errata/RHSA-2009-1059.html
http://www.pidgin.im/news/security/?id=29
http://www.mandriva.com/security/advisories?name=MDVSA-2009:173
http://www.mandriva.com/security/advisories?name=MDVSA-2009:140
http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml
http://secunia.com/advisories/35330
http://secunia.com/advisories/35329
http://secunia.com/advisories/35294
http://secunia.com/advisories/35215
http://secunia.com/advisories/35202
http://secunia.com/advisories/35194