Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS Update for pidgin CESA-2008:0584 centos3 i386

Information

Severity

Severity

Medium

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

6.8

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

5 years ago

Summary

Check for the Version of pidgin

Insight

Insight

Pidgin is a multi-protocol Internet Messaging client. An integer overflow flaw was found in Pidgin's MSN protocol handler. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2008-2927) Note: the default Pidgin privacy setting only allows messages from users in the buddy list. This prevents arbitrary MSN users from exploiting this flaw. This update also addresses the following bug: * when attempting to connect to the ICQ network, Pidgin would fail to connect, present an alert saying the &quot The client version you are using is too old&quot , and de-activate the ICQ account. This update restores Pidgin's ability to connect to the ICQ network. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues.

Affected Software

Affected Software

pidgin on CentOS 3

Solution

Solution

Please Install the Updated Packages.

Common Vulnerabilities and Exposures (CVE)