CVE-2004-0013
published 2004-02-03CVE-2004-0013: jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service…
PriorityP415medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.80%
75.7th percentile
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jabber_software_foundation | jabber_server | — | — |
| jabber_software_foundation | jabber_server | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6gxj-mcjr-q7gr: jabber 1
ghsa_unreviewed·2022-04-29
CVE-2004-0013 [MEDIUM] GHSA-6gxj-mcjr-q7gr: jabber 1
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
Red Hat
pidgin/libpurple: MSN custom smiley request directory traversal file disclosure
vendor_redhat·2009-12-27·CVSS 5.0
CVE-2010-0013 [MEDIUM] pidgin/libpurple: MSN custom smiley request directory traversal file disclosure
pidgin/libpurple: MSN custom smiley request directory traversal file disclosure
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/10559http://www.debian.org/security/2004/dsa-414http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:005http://www.osvdb.org/3345http://www.securityfocus.com/bid/9376https://exchange.xforce.ibmcloud.com/vulnerabilities/14158http://secunia.com/advisories/10559http://www.debian.org/security/2004/dsa-414http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:005http://www.osvdb.org/3345http://www.securityfocus.com/bid/9376https://exchange.xforce.ibmcloud.com/vulnerabilities/14158
2004-02-03
Published