VDB
CVE-2012-1178
CVE-2012-1178
PUBLISHED
CVSS 5 MEDIUM
The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.
EPSS 1.14% · 78.7th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
1.14%
78.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| pidgin | pidgin | 2.0.0, 2.0.2, 2.1.1 |
Exploit Intelligence
- oval:org.mitre.oval:def:18019 (circl)
- http://developer.pidgin.im/ticket/14884 (circl)
- http://pidgin.im/news/security/?id=61 (circl)
- MDVSA-2012:029 (circl)
- 52475 (circl)
- http://developer.pidgin.im/viewmtn/revision/info/3053d6a37cc6d8774aba7607b992a4408216adcd (circl)
- 50005 (circl)
- RHSA-2012:1102 (circl)
- http://developer.pidgin.im/viewmtn/revision/diff/60f8379d0a610538cf42e0dd9ab1436c8b9308cd/with/3053d6a37cc6d8774aba7607b992a4408216adcd/libpurple/protocols/msn/oim.c (circl)
Timeline
- Mar 15, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- oval:org.mitre.oval:def:18019 vdb
- http://developer.pidgin.im/ticket/14884 url
- http://pidgin.im/news/security/?id=61 url
- MDVSA-2012:029 vendor-advisory
- 52475 vdb
- http://developer.pidgin.im/viewmtn/revision/info/3053d6a37cc6d8774aba7607b992a4408216adcd url
- 50005 third-party-advisory
- RHSA-2012:1102 vendor-advisory
- http://developer.pidgin.im/viewmtn/revision/diff/60f8379d0a610538cf42e0dd9ab1436c8b9308cd/with/3053d6a37cc6d8774aba7607b992a4408216adcd/libpurple/protocols/msn/oim.c url
- https://nvd.nist.gov/vuln/detail/CVE-2012-1178 advisory