VDB

GCVE-110-MAGEIA-2014-34

GCVE-110-MAGEIA-2014-34
Advisory Published
Vulnetix · Advisory published February 5, 2014
Many places in the Yahoo! protocol plugin assumed incoming strings were UTF-8 and failed to transcode from non-UTF-8 encodings. This can lead to a crash when receiving strings that aren't UTF-8 (CVE-2012-6152). A remote XMPP user can trigger a crash on some systems by sending a message with a timestamp in the distant future (CVE-2013-6477). libX11 forcefully exits causing a crash when Pidgin tries to create an exceptionally wide tooltip window when hovering the pointer over a long URL (CVE-2013-6478). A malicious server or man-in-the-middle could send a malformed HTTP response that could lead to a crash (CVE-2013-6479). The Yahoo! protocol plugin failed to validate a length field before trying to read from a buffer, which could result in reading past the end of the buffer which could cause a crash when reading a P2P message (CVE-2013-6481). NULL pointer dereferences in the MSN protocol plugin due to a malformed Content-Length header, or a malicious server or man-in-the-middle sending a specially crafted OIM data XML response or SOAP response (CVE-2013-6482). The XMPP protocol plugin failed to ensure that iq replies came from the person they were sent to. A remote user could send a spoofed iq reply and attempt to guess the iq id. This could allow an attacker to inject fake data or trigger a null pointer dereference (CVE-2013-6483). Incorrect error handling when reading the response from a STUN server could lead to a crash (CVE-2013-6484). A malicious server or man-in-the-middle could cause a buffer overflow by sending a malformed HTTP response with chunked Transfer-Encoding with invalid chunk sizes (CVE-2013-6485). A malicious server or man-in-the-middle could send a large value for Content-Length and cause an integer overflow which could lead to a buffer overflow in Gadu-Gadu HTTP parsing (CVE-2013-6487). A specially crafted emoticon value could cause an integer overflow which could lead to a buffer overflow in MXit emoticon parsing (CVE-2013-6489). A Content-Length of -1 could lead to a buffer overflow in SIMPLE header parsing (CVE-2013-6490). A malicious server or man-in-the-middle could trigger a crash in IRC argument parsing in libpurple by sending a message with fewer than expected arguments (CVE-2014-0020).

Affected Products

VendorProductVersionsPlatforms
Mageiapidgin0 (affected), 2.10.9-1.mga3 (unaffected), 0 (affected), 2.10.9-1.mga3 (unaffected)
Mageianet_monitor0 (affected), 0.16-1.mga4 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›