CVE-2013-6483

NONECVSS 0.0

0.0

The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.

🔗 References (14)

secalert@redhathttp://hg.pidgin.im/pidgin/main/rev/93d4bff19574
secalert@redhathttp://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html
secalert@redhathttp://lists.opensuse.org/opensuse-updates/2014-03/msg00005.html
secalert@redhathttp://pidgin.im/news/security/?id=78
secalert@redhathttp://www.debian.org/security/2014/dsa-2859
secalert@redhathttp://www.ubuntu.com/usn/USN-2100-1
secalert@redhathttps://rhn.redhat.com/errata/RHSA-2014-0139.html
af854a3a-2127-422b-91ae-364da2661108http://hg.pidgin.im/pidgin/main/rev/93d4bff19574
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-03/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://pidgin.im/news/security/?id=78
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2859
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2100-1
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2014-0139.html

Is Your Infrastructure Affected by CVE-2013-6483?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-6483

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-6483?