CVE-2011-3184 in Pidgininfo

Summary

The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

08/19/2011

Disclosure

08/29/2011

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
58394Pidgin Protocol Plugin httpconn.c msn_httpconn_parse_data resource management399Not definedOfficial fixCVE-2011-3184

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!