This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
An instant messaging client installed on the remote Windows host is
potentially affected by multiple denial of service vulnerabilities.
The version of Pidgin installed on the remote host is earlier than
2.10.2 and is potentially affected by the following issues :
- A denial of service vulnerability (NULL pointer
dereference) in the 'pidgin_conv_chat_rename_user'
function in 'gtkconv.c'. Remote attackers can trigger
the vulnerability by performing certain types of
nickname changes while in an XMPP chat room.
- The msn_oim_report_to_user function in oim.c allows
remote servers to cause an application crash by
sending an OIM message without UTF-8 encoding.
See also :
Upgrade to Pidgin 2.10.2 or later.
Risk factor :
Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 5.6
Public Exploit Available : false