VYPR

Adium

by Adium

CVEs (6)

  • CVE-2010-0013HigJan 9, 2010
    risk 0.53cvss 7.5epss 0.13

    Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to…

  • CVE-2009-2694Aug 21, 2009
    risk 0.05cvss epss 0.20

    The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application…

  • CVE-2010-0277Jan 9, 2010
    risk 0.00cvss epss 0.02

    slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request…

  • CVE-2009-3615Oct 20, 2009
    risk 0.00cvss epss 0.03

    The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.

  • CVE-2008-7190Sep 9, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).

  • CVE-2008-2927Jul 7, 2008
    risk 0.00cvss epss 0.04

    Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a…