CVE-2010-0423Pidgin vulnerability

CWE-3998 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
8.8%
top 7.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
PidginDebian Pidgin
Timeline
PublishedFeb 24
Latest updateMay 2

Description

gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

debiandebian/pidgin< pidgin 2.6.6-1 (bookworm)
Debianpidgin/pidgin< 2.6.6-1+3
NVDpidgin/pidgin2.6.5+28

Patches

Patch: pidgin.imPatch: www.vupen.comPatch: pidgin.im

🔴Vulnerability Details

2
GHSA
GHSA-755g-9f69-83cm: gtkimhtml2022-05-02
OSV
CVE-2010-0423: gtkimhtml2010-02-24

📋Vendor Advisories

3
Ubuntu
Pidgin vulnerabilities2010-02-22
Red Hat
pidgin: Smiley Denial of Service2010-02-18
Debian
CVE-2010-0423: pidgin - gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of ...2010

💬Community

2
Bugzilla
CVE-2010-0277 CVE-2010-0420 CVE-2010-0423 Multiple pidgin vulnerabilities [Fedora all]2010-02-18
Bugzilla
CVE-2010-0423 pidgin: Smiley Denial of Service2010-02-16