CVE-2008-2956

Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scenario under which a problem occurred and the original reporter wasn't able to supply any sort of reproduction details."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
pidginpidgin
2.0.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
pidgin
bullseye
unimportant
bookworm
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gaim
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
ignored
pidgin
jaunty
ignored
intrepid
ignored
hardy
ignored
feisty
dne
dapper
dne
Common Weakness Enumeration
References
http://crisp.cs.du.edu/?q=ca2007-1
http://secunia.com/advisories/31387
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246
http://www.openwall.com/lists/oss-security/2008/06/27/3
http://www.securityfocus.com/archive/1/495165/100/0/threaded
http://www.securityfocus.com/bid/29985
https://issues.rpath.com/browse/RPL-2647
http://crisp.cs.du.edu/?q=ca2007-1
http://secunia.com/advisories/31387
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246
http://www.openwall.com/lists/oss-security/2008/06/27/3
http://www.securityfocus.com/archive/1/495165/100/0/threaded
http://www.securityfocus.com/bid/29985
https://issues.rpath.com/browse/RPL-2647