CVE-2009-2703 — Vulnetix

CVE-2009-2703 PUBLISHED CVSS 8.699999809265137 HIGH

libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.

EPSS 0.64% · 71.1th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.64%

71.1th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
pidgin	libpurple
pidgin	pidgin	2.0.0, 2.0.1, 2.0.2

Exploit Intelligence

36601 (circl)
oval:org.mitre.oval:def:6435 (circl)
http://developer.pidgin.im/viewmtn/revision/info/ad2c6ee53ec9122b25aeb1f918db53be69bdeac3 (circl)
http://www.pidgin.im/news/security/index.php?id=40 (circl)
oval:org.mitre.oval:def:11379 (circl)
36277 (circl)

Timeline

Sep 8, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 17, 2023 EPSS Score

References

36601 third-party-advisory
oval:org.mitre.oval:def:6435 vdb
http://developer.pidgin.im/viewmtn/revision/info/ad2c6ee53ec9122b25aeb1f918db53be69bdeac3 url
http://www.pidgin.im/news/security/index.php?id=40 url
oval:org.mitre.oval:def:11379 vdb
36277 vdb
https://nvd.nist.gov/vuln/detail/CVE-2009-2703 advisory

Open in Interactive Console →