Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
BID:57952
Info
Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
| Bugtraq ID: | 57952 |
| Class: | Input Validation Error |
| CVE: |
CVE-2013-0271 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 13 2013 12:00AM |
| Updated: | Aug 05 2014 12:49AM |
| Credit: | Chris Wysopal of Veracode |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise SDK 11 SP2 SuSE SUSE Linux Enterprise SDK 10 SP4 SuSE SUSE Linux Enterprise Desktop 11 SP2 SuSE SUSE Linux Enterprise Desktop 10 SP4 SuSE openSUSE 12.1 Slackware Linux x86_64 -current Slackware Linux 13.37 x86_64 Slackware Linux 13.37 Slackware Linux 13.1 x86_64 Slackware Linux 13.1 Slackware Linux 13.0 x86_64 Slackware Linux 13.0 Slackware Linux 12.2 Slackware Linux -current Pidgin Pidgin 2.10.4 Pidgin Pidgin 2.10.3 Pidgin Pidgin 2.10.2 Pidgin Pidgin 2.10.1 Pidgin Pidgin 2.10.2 Pidgin Pidgin 2.10.0 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Gentoo Linux |
| Not Vulnerable: | |
Discussion
Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
Pidgin is prone to a vulnerability that may allow attackers to overwrite arbitrary local files.
Successful exploits may allow an attacker to overwrite arbitrary local files in the context of the user running the affected application.
Versions prior to Pidgin 2.10.7 are vulnerable.
Pidgin is prone to a vulnerability that may allow attackers to overwrite arbitrary local files.
Successful exploits may allow an attacker to overwrite arbitrary local files in the context of the user running the affected application.
Versions prior to Pidgin 2.10.7 are vulnerable.
Exploit / POC
Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
Solution / Fix
Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
References:
References:
- Pidgin Homepage (Pidgin)