rpm package
opensuse/pidgin-otr&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/pidgin-otr&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8833 | Cri | 9.8 | < 4.0.2-1.5 | 4.0.2-1.5 | Apr 12, 2016 | Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item. | |
| CVE-2012-2369 | — | < 4.0.2-1.5 | 4.0.2-1.5 | May 23, 2012 | Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message. |
- affected < 4.0.2-1.5fixed 4.0.2-1.5
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
- CVE-2012-2369May 23, 2012affected < 4.0.2-1.5fixed 4.0.2-1.5
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.