CVE-2011-1091 — Vulnetix

Try Vulnetix Request Demo

CVE-2011-1091 PUBLISHED

Reported by redhat · Published March 14, 2011

libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Mar 14, 2011 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Feb 4, 2023 EPSS Score
Feb 13, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

ADV-2011-0661 vdb-entryx_refsource_VUPEN
RHSA-2011:0616 vendor-advisoryx_refsource_REDHAT
openSUSE-SU-2012:0066 vendor-advisoryx_refsource_SUSE
x_refsource_CONFIRM
x_refsource_CONFIRM
46837 vdb-entryx_refsource_BID
x_refsource_CONFIRM
ADV-2011-0703 vdb-entryx_refsource_VUPEN
FEDORA-2011-3150 vendor-advisoryx_refsource_FEDORA
43721 third-party-advisoryx_refsource_SECUNIA
SSA:2011-070-02 vendor-advisoryx_refsource_SLACKWARE
pidgin-yahoo-protocol-dos(66055) vdb-entryx_refsource_XF
46376 third-party-advisoryx_refsource_SECUNIA
43695 third-party-advisoryx_refsource_SECUNIA
RHSA-2011:1371 vendor-advisoryx_refsource_REDHAT
oval:org.mitre.oval:def:18402 vdb-entrysignaturex_refsource_OVAL
ADV-2011-0669 vdb-entryx_refsource_VUPEN
x_refsource_CONFIRM
FEDORA-2011-3113 vendor-advisoryx_refsource_FEDORA
ADV-2011-0643 vdb-entryx_refsource_VUPEN

Open in Interactive Console →