CyberSec.Space Logo
CVEブラウザに戻る

CVE-2013-6490

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0890%
EPSS Percentile27.63th
Published2014年2月6日
Last Modified2026年4月29日

Vulnerability Description

The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.

Affected Platforms (CPE)

📦
Pidgin

Pidgin

<= 2.10.7
📦
Pidgin

Pidgin

= 2.0.0
📦
Pidgin

Pidgin

= 2.0.1
📦
Pidgin

Pidgin

= 2.0.2
📦
Pidgin

Pidgin

= 2.1.0
📦
Pidgin

Pidgin

= 2.1.1
📦
Pidgin

Pidgin

= 2.2.0
📦
Pidgin

Pidgin

= 2.2.1
📦
Pidgin

Pidgin

= 2.2.2
📦
Pidgin

Pidgin

= 2.3.0
📦
Pidgin

Pidgin

= 2.3.1
📦
Pidgin

Pidgin

= 2.4.0
📦
Pidgin

Pidgin

= 2.4.1
📦
Pidgin

Pidgin

= 2.4.2
📦
Pidgin

Pidgin

= 2.4.3
📦
Pidgin

Pidgin

= 2.5.0
📦
Pidgin

Pidgin

= 2.5.1
📦
Pidgin

Pidgin

= 2.5.2
📦
Pidgin

Pidgin

= 2.5.3
📦
Pidgin

Pidgin

= 2.5.4
📦
Pidgin

Pidgin

= 2.5.5
📦
Pidgin

Pidgin

= 2.5.6
📦
Pidgin

Pidgin

= 2.5.7
📦
Pidgin

Pidgin

= 2.5.8
📦
Pidgin

Pidgin

= 2.5.9
📦
Pidgin

Pidgin

= 2.6.0
📦
Pidgin

Pidgin

= 2.6.1
📦
Pidgin

Pidgin

= 2.6.2
📦
Pidgin

Pidgin

= 2.6.3
📦
Pidgin

Pidgin

= 2.6.4
📦
Pidgin

Pidgin

= 2.6.5
📦
Pidgin

Pidgin

= 2.6.6
📦
Pidgin

Pidgin

= 2.7.0
📦
Pidgin

Pidgin

= 2.7.1
📦
Pidgin

Pidgin

= 2.7.2
📦
Pidgin

Pidgin

= 2.7.3
📦
Pidgin

Pidgin

= 2.7.4
📦
Pidgin

Pidgin

= 2.7.5
📦
Pidgin

Pidgin

= 2.7.6
📦
Pidgin

Pidgin

= 2.7.7
📦
Pidgin

Pidgin

= 2.7.8
📦
Pidgin

Pidgin

= 2.7.9
📦
Pidgin

Pidgin

= 2.7.10
📦
Pidgin

Pidgin

= 2.7.11
📦
Pidgin

Pidgin

= 2.8.0
📦
Pidgin

Pidgin

= 2.9.0
📦
Pidgin

Pidgin

= 2.10.0
📦
Pidgin

Pidgin

= 2.10.1
📦
Pidgin

Pidgin

= 2.10.2
📦
Pidgin

Pidgin

= 2.10.3
📦
Pidgin

Pidgin

= 2.10.4
📦
Pidgin

Pidgin

= 2.10.5
📦
Pidgin

Pidgin

= 2.10.6

References & Advisories

🔗 http://hg.pidgin.im/pidgin/main/rev/6bd2dd10e5da
🔗 http://www.debian.org/security/2014/dsa-2859
🔗 http://www.pidgin.im/news/security/?id=84
🔗 http://www.securityfocus.com/bid/65195
🔗 http://www.ubuntu.com/usn/USN-2100-1
🔗 https://rhn.redhat.com/errata/RHSA-2014-0139.html
🔗 http://hg.pidgin.im/pidgin/main/rev/6bd2dd10e5da
🔗 http://www.debian.org/security/2014/dsa-2859

関連する脆弱性情報

CVE-2009-269410.0

The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2...

CVE-2016-10000309.8

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values ...

CVE-2015-88339.8

Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr pl...

CVE-2009-24049.3

Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Fir...