← Retour aux CVEs
CVE-2013-6483
N/ADescription
The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.
Details CVE
Score CVSS v3.1N/A
Publie2/6/2014
Derniere modification4/29/2026
Sourcenvd
Observations honeypot0
Produits affectes
pidgin:pidgin
Faiblesses (CWE)
CWE-20
References
http://hg.pidgin.im/pidgin/main/rev/93d4bff19574(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2014-03/msg00005.html(secalert@redhat.com)
http://pidgin.im/news/security/?id=78(secalert@redhat.com)
http://www.debian.org/security/2014/dsa-2859(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2100-1(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2014-0139.html(secalert@redhat.com)
http://hg.pidgin.im/pidgin/main/rev/93d4bff19574(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2014-03/msg00005.html(af854a3a-2127-422b-91ae-364da2661108)
http://pidgin.im/news/security/?id=78(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2014/dsa-2859(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2100-1(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2014-0139.html(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.