This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities has been discovered and corrected in pidgin :
When receiving various stanzas related to voice and video chat, the
XMPP protocol plugin failed to ensure that the incoming message
contained all required fields, and would crash if certain fields were
When receiving various messages related to requesting or receiving
authorization for adding a buddy to a buddy list, the oscar protocol
plugin failed to validate that a piece of text was UTF-8. In some
cases invalid UTF-8 data would lead to a crash (CVE-2011-4601).
When receiving various incoming messages, the SILC protocol plugin
failed to validate that a piece of text was UTF-8. In some cases
invalid UTF-8 data would lead to a crash (CVE-2011-3594).
This update provides pidgin 2.10.1, which is not vulnerable to these
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true