Remote Information Disclosure in Pidgin Jabber Protocol Plugin
CVE-2014-3698

Currently unrated

Key Information:

Vendor

Pidgin

Status
Pidgin
Vendor
CVE Published:
29 October 2014

What is CVE-2014-3698?

The jabber_idn_validate function in jutil.c of the Jabber protocol plugin within libpurple of Pidgin versions prior to 2.10.10 is susceptible to a vulnerability that allows remote attackers to access sensitive information stored in process memory. By sending specially crafted XMPP messages, malicious actors can exploit this vulnerability, potentially leading to unauthorized access to user data or system information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://hg.pidgin.im/pidgin/main/rev/ea46ab68f0dc
x_refsource_CONFIRM
http://pidgin.im/news/security/?id=90
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:1854
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.