2017-10-16 12:31:07 -04:00
{
2019-03-18 01:21:07 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com" ,
"ID" : "CVE-2008-2927" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
2017-10-16 12:31:07 -04:00
]
2019-03-18 01:21:07 +00:00
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "USN-675-2" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/USN-675-2"
} ,
{
"name" : "[oss-security] 20080703 Re: Re: CVE Request (pidgin)" ,
"refsource" : "MLIST" ,
"url" : "http://www.openwall.com/lists/oss-security/2008/07/04/1"
} ,
{
"name" : "RHSA-2008:0584" ,
"refsource" : "REDHAT" ,
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0584.html"
} ,
{
"name" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c" ,
"refsource" : "CONFIRM" ,
"url" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c"
} ,
{
"name" : "32861" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/32861"
} ,
{
"name" : "1020451" ,
"refsource" : "SECTRACK" ,
"url" : "http://www.securitytracker.com/id?1020451"
} ,
{
"name" : "30971" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/30971"
} ,
{
"name" : "oval:org.mitre.oval:def:11695" ,
"refsource" : "OVAL" ,
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695"
} ,
{
"name" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c" ,
"refsource" : "CONFIRM" ,
"url" : "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c"
} ,
{
"name" : "29956" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/29956"
} ,
{
"name" : "MDVSA-2008:143" ,
"refsource" : "MANDRIVA" ,
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143"
} ,
{
"name" : "oval:org.mitre.oval:def:17972" ,
"refsource" : "OVAL" ,
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972"
} ,
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246" ,
"refsource" : "CONFIRM" ,
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246"
} ,
{
"name" : "https://issues.rpath.com/browse/RPL-2647" ,
"refsource" : "CONFIRM" ,
"url" : "https://issues.rpath.com/browse/RPL-2647"
} ,
{
"name" : "MDVSA-2009:127" ,
"refsource" : "MANDRIVA" ,
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127"
} ,
{
"name" : "[oss-security] 20080704 Re: Re: CVE Request (pidgin)" ,
"refsource" : "MLIST" ,
"url" : "http://www.openwall.com/lists/oss-security/2008/07/03/6"
} ,
{
"name" : "31105" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/31105"
} ,
{
"name" : "http://www.pidgin.im/news/security/?id=25" ,
"refsource" : "CONFIRM" ,
"url" : "http://www.pidgin.im/news/security/?id=25"
} ,
{
"name" : "USN-675-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/USN-675-1"
} ,
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-054" ,
"refsource" : "MISC" ,
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-054"
} ,
{
"name" : "31642" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/31642"
} ,
{
"name" : "32859" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/32859"
} ,
{
"name" : "31387" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/31387"
} ,
{
"name" : "DSA-1610" ,
"refsource" : "DEBIAN" ,
"url" : "http://www.debian.org/security/2008/dsa-1610"
} ,
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=453764" ,
"refsource" : "CONFIRM" ,
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
} ,
{
"name" : "31016" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/31016"
} ,
{
"name" : "20080828 ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/495818/100/0/threaded"
} ,
{
"name" : "adium-msnprotocol-code-execution(44774)" ,
"refsource" : "XF" ,
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774"
} ,
{
"name" : "ADV-2008-2032" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2008/2032/references"
} ,
{
"name" : "20080625 Pidgin 2.4.1 Vulnerability" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/493682"
} ,
{
"name" : "20080806 rPSA-2008-0246-1 gaim" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/495165/100/0/threaded"
}
]
}
}
