CVE-2009-2703 — Vulnetix

Try Vulnetix Request Demo

CVE-2009-2703 PUBLISHED CVSS 8.699999809265137 HIGH

libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.

EPSS 0.64% · 70.5th percentile

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.64%

70.5th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
pidgin	libpurple
pidgin	pidgin	0, 2.0.0, 2.0.1

Timeline

Sep 8, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

36601 third-party-advisory
oval:org.mitre.oval:def:6435 vdb
http://developer.pidgin.im/viewmtn/revision/info/ad2c6ee53ec9122b25aeb1f918db53be69bdeac3 url
http://www.pidgin.im/news/security/index.php?id=40 url
oval:org.mitre.oval:def:11379 vdb
36277 vdb
https://nvd.nist.gov/vuln/detail/CVE-2009-2703 advisory

Open in Interactive Console →