CVE-2013-0271 — Pidgin vulnerability

8 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

0.6%

top 31.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pidgin Debian Pidgin

Timeline

PublishedFeb 16

Latest updateMay 5

Description

The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/pidgin< pidgin 2.10.6-3 (bookworm)

▶Debianpidgin/pidgin< 2.10.6-3+3

▶NVDpidgin/pidgin2.10.6+50

🔴Vulnerability Details

GHSA

GHSA-q8m9-xh4h-fpfm: The MXit protocol plugin in libpurple in Pidgin before 2↗2022-05-05

▶

OSV

CVE-2013-0271: The MXit protocol plugin in libpurple in Pidgin before 2↗2013-02-16

▶

📋Vendor Advisories

Ubuntu

Pidgin vulnerabilities↗2013-02-25

▶

Red Hat

pidgin: MXit protocol insufficient sanitization of saved image file names↗2013-02-13

▶

Debian

CVE-2013-0271: pidgin - The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote...↗2013

▶

💬Community

Bugzilla

CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 pidgin various flaws [fedora-all]↗2013-02-13

▶

Bugzilla

CVE-2013-0271 pidgin: MXit protocol insufficient sanitization of saved image file names↗2013-02-11

▶