CVE-2008-2956 — Vulnetix

Try Vulnetix Request Demo

CVE-2008-2956 PUBLISHED CVSS 5 MEDIUM

Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scenario under which a problem occurred and the original reporter wasn't able to supply any sort of reproduction details."

EPSS 1.01% · 76.9th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

1.01%

76.9th percentile

Affected Products

Vendor	Product	Versions
pidgin	pidgin	2.0.0
n/a	n/a	n/a

Timeline

Jul 1, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

29985 vdb
[oss-security] 20080627 CVE Request (pidgin) mailing-list
31387 third-party-advisory
20080806 rPSA-2008-0246-1 gaim mailing-list
http://crisp.cs.du.edu/?q=ca2007-1 url
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246 url
https://issues.rpath.com/browse/RPL-2647 url
https://nvd.nist.gov/vuln/detail/CVE-2008-2956 advisory
https://access.redhat.com/security/cve/CVE-2008-2956 url
https://bugzilla.redhat.com/show_bug.cgi?id=453739 url

Open in Interactive Console →