oval:org.mitre.oval:def:18432

Definition Id: oval:org.mitre.oval:def:18432

Oval ID:	oval:org.mitre.oval:def:18432
Title:	Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927
Description:	Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1376	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Pidgin
Definition Synopsis:
Pidgin is installed AND Version of Pidgin less than 2.5.6

Definition Id: oval:org.mitre.oval:def:12366

Oval ID:	oval:org.mitre.oval:def:12366
Title:	Pidgin is installed
Description:	Pidgin is installed
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:pidgin:pidgin	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Pidgin
Definition Synopsis:
Check if Pidgin is installed
Referenced By:
oval:org.mitre.oval:def:18432