Pidgin < 2.5.6 Multiple Buffer Overflow Vulnerabilities

High Nessus Network Monitor Plugin ID 5032


The remote host is affected by multiple remote buffer overflow vulnerabilities.


The remote host is running Pidgin earlier than 2.5.6. Such versions are reportedly affected by multiple remote buffer overflow vulnerabilities :

- A buffer overflow issue in the 'decrypt_out()' function can be exploited through specially crafted 'QQ' packets. (CVE-2009-1374)

- A buffer maintained by PurpleCircBuffer which is used by XMPP and Sametime protocol plugins can be corrupted if it's exactly full and then more bytes are added to it. (CVE-2009-1375)

- A buffer overflow is possible when initiating a file transfer to a malicious buddy over XMPP. (CVE-2009-1373)

- An integer-overflow issue exists in the application due to a n incorrect typecasting of 'int64' to 'size_t'. (CVE-2009-1376)

Successful exploitation could allow an attacker to execute arbitrary code on the remote host.


Upgrade to Pidgin 2.5.6 or later.

See Also

Plugin Details

Severity: High

ID: 5032

File Name: 5032.prm

Published: 2004/08/18

Modified: 2016/01/15

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 7.3

Temporal Score: 6.4


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2009-1373, CVE-2009-1374, CVE-2009-1375, CVE-2009-1376

BID: 35067