CVE-2009-1374 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Vendor	Product	Version
pidgin	pidgin	𝑥 ≤ 2.5.5
pidgin	pidgin	2.0.0
pidgin	pidgin	2.0.1
pidgin	pidgin	2.0.2
pidgin	pidgin	2.0.2
pidgin	pidgin	2.1.0
pidgin	pidgin	2.1.1
pidgin	pidgin	2.2.0
pidgin	pidgin	2.2.1
pidgin	pidgin	2.2.2
pidgin	pidgin	2.3.0
pidgin	pidgin	2.3.1
pidgin	pidgin	2.4.0
pidgin	pidgin	2.4.1
pidgin	pidgin	2.4.2
pidgin	pidgin	2.4.3
pidgin	pidgin	2.5.0
pidgin	pidgin	2.5.1
pidgin	pidgin	2.5.2
pidgin	pidgin	2.5.3
pidgin	pidgin	2.5.4

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

pidgin

bullseye	2.14.1-1 fixed
lenny	not-affected
bookworm	2.14.12-1 fixed
sid	2.14.13-2 fixed
trixie	2.14.13-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

gaim

jaunty	dne
intrepid	dne
hardy	dne
gutsy	dne
dapper	not-affected

pidgin

jaunty	Fixed 1:2.5.5-1ubuntu8.1 released
intrepid	Fixed 1:2.5.2-0ubuntu1.2 released
hardy	Fixed 1:2.4.1-1ubuntu2.4 released
feisty	dne
dapper	dne

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://secunia.com/advisories/35188

http://secunia.com/advisories/35194

http://secunia.com/advisories/35202

http://secunia.com/advisories/35294

http://secunia.com/advisories/35329

http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:173

http://www.pidgin.im/news/security/?id=30

http://www.redhat.com/support/errata/RHSA-2009-1060.html

http://www.securityfocus.com/bid/35067

http://www.ubuntu.com/usn/USN-781-1

http://www.vupen.com/english/advisories/2009/1396

https://bugzilla.redhat.com/show_bug.cgi?id=500490

https://exchange.xforce.ibmcloud.com/vulnerabilities/50684

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11654

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18201

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html

http://secunia.com/advisories/35188

http://secunia.com/advisories/35194

http://secunia.com/advisories/35202

http://secunia.com/advisories/35294

http://secunia.com/advisories/35329

http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:173

http://www.pidgin.im/news/security/?id=30

http://www.redhat.com/support/errata/RHSA-2009-1060.html

http://www.securityfocus.com/bid/35067

http://www.ubuntu.com/usn/USN-781-1

http://www.vupen.com/english/advisories/2009/1396

https://bugzilla.redhat.com/show_bug.cgi?id=500490

https://exchange.xforce.ibmcloud.com/vulnerabilities/50684

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11654

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18201

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html