Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
BID:57951
Info
Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 57951 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2013-0272 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 13 2013 12:00AM |
| Updated: | Mar 19 2015 08:37AM |
| Credit: | Coverity static analysis |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise SDK 11 SP2 SuSE SUSE Linux Enterprise SDK 10 SP4 SuSE SUSE Linux Enterprise Desktop 11 SP2 SuSE SUSE Linux Enterprise Desktop 10 SP4 SuSE openSUSE 12.1 SuSE openSUSE 11.4 Slackware Linux x86_64 -current Slackware Linux 13.37 x86_64 Slackware Linux 13.37 Slackware Linux 13.1 x86_64 Slackware Linux 13.1 Slackware Linux 13.0 x86_64 Slackware Linux 13.0 Slackware Linux 12.2 Slackware Linux -current RedHat Enterprise Linux Optional Productivity Application 5 server RedHat Enterprise Linux Desktop Workstation 5 client Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5 client Pidgin Pidgin 2.10.4 Pidgin Pidgin 2.10.3 Pidgin Pidgin 2.10.2 Pidgin Pidgin 2.10.1 Pidgin Pidgin 2.10.2 Pidgin Pidgin 2.10.0 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Gentoo Linux CentOS CentOS 5 |
| Not Vulnerable: | |
Solution / Fix
Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Slackware Linux x86_64 -current
Slackware Linux -current
MandrakeSoft Enterprise Server 5 x86_64
Slackware Linux 12.2
Slackware Linux 14.0 x86_64
MandrakeSoft Enterprise Server 5
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux 13.0 x86_64
Slackware Linux 13.37 x86_64
Slackware Linux 13.0
Slackware Linux 14.0
Slackware Linux 13.37
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Slackware Linux x86_64 -current
-
Slackware pidgin-2.10.7-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ xap/pidgin-2.10.7-x86_64-1.txz
Slackware Linux -current
-
Slackware pidgin-2.10.7-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/ pidgin-2.10.7-i486-1.txz
MandrakeSoft Enterprise Server 5 x86_64
-
Mandriva finch-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64finch0-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64purple-devel-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64purple0-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-bonjour-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-client-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-gevolution-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-i18n-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-meanwhile-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-perl-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-plugins-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-silc-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-tcl-2.10.7-0.1mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/
Slackware Linux 12.2
-
Slackware pidgin-2.10.7-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/ pidgin-2.10.7-i486-1_slack12.2.tgz
Slackware Linux 14.0 x86_64
-
Slackware pidgin-2.10.7-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/package s/pidgin-2.10.7-x86_64-1_slack14.0.txz
MandrakeSoft Enterprise Server 5
-
Mandriva finch-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libfinch0-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libpurple-devel-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libpurple0-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-bonjour-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-client-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-gevolution-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-i18n-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-meanwhile-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-perl-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-plugins-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-silc-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva pidgin-tcl-2.10.7-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/
Slackware Linux 13.1 x86_64
-
Slackware pidgin-2.10.7-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/package s/pidgin-2.10.7-x86_64-1_slack13.1.txz
Slackware Linux 13.1
-
Slackware pidgin-2.10.7-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ pidgin-2.10.7-i486-1_slack13.1.txz
Slackware Linux 13.0 x86_64
-
Slackware pidgin-2.10.7-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/package s/pidgin-2.10.7-x86_64-1_slack13.0.txz
Slackware Linux 13.37 x86_64
-
Slackware pidgin-2.10.7-x86_64-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packag es/pidgin-2.10.7-x86_64-1_slack13.37.txz
Slackware Linux 13.0
-
Slackware pidgin-2.10.7-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ pidgin-2.10.7-i486-1_slack13.0.txz
Slackware Linux 14.0
-
Slackware pidgin-2.10.7-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ pidgin-2.10.7-i486-1_slack14.0.txz
Slackware Linux 13.37
-
Slackware pidgin-2.10.7-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages /pidgin-2.10.7-i486-1_slack13.37.txz
References
Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
References:
References:
- MXit buffer overflow reading data from network (Pidgin)
- Pidgin Homepage (Pidgin)