Summary
This host has Pidgin installed and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker obtain sensitive information by sniffing XMPP sessions and cause application crash.
Impact Level: Application
Solution
Upgrade to Pidgin version 2.6.1
http://pidgin.im/download
Insight
- The application connects to Jabberd servers that are not fully compliant with the XMPP specifications without encryption, even if the 'Require SSL/TLS' setting is configured.
- An error ocurrs in compililg libpurple while processing malicious links received via the Yahoo Messenger protocol.
Affected
Pidgin version 2.6.0 on Windows
References
Severity
Classification
-
CVE CVE-2009-3025, CVE-2009-3026 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities