What is the severity of CVE-2010-0420?

CVE-2010-0420 has a severity rating that indicates it can lead to a denial of service due to application crashes.

How do I fix CVE-2010-0420?

To fix CVE-2010-0420, users should upgrade to Pidgin version 2.6.6 or later.

What software is affected by CVE-2010-0420?

CVE-2010-0420 affects Pidgin versions from 2.0.0 up to and including 2.6.5.

What type of vulnerability is CVE-2010-0420?

CVE-2010-0420 is a denial of service vulnerability caused by improper parsing of nicknames in XMPP multi-user chat rooms.

Can I still use Pidgin if I have CVE-2010-0420?

It is not recommended to use Pidgin versions affected by CVE-2010-0420 as they are vulnerable to potential crashes.

Vulnerability/
CVE-2010-0420

medium

4.3

CWE

16/2/2010

24/2/2010

7/8/2024

CVE-2010-0420: Input Validation

First published: Tue Feb 16 2010(Updated: )

libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Pidgin	=2.5.9
Pidgin	=2.5.8
Pidgin	=2.1.0
Pidgin	=2.6.0
Pidgin	=2.5.2
Pidgin	=2.5.1
Pidgin	=2.5.6
Pidgin	=2.5.7
Pidgin	=2.0.1
Pidgin	=2.4.2
Pidgin	=2.5.4
Pidgin	=2.5.5
Pidgin	=2.2.2
Pidgin	=2.1.1
Pidgin	=2.3.1
Pidgin	=2.4.3
Pidgin	=2.0.0
Pidgin	=2.0.2
Pidgin	=2.3.0
Pidgin	=2.4.1
Pidgin	=2.4.0
Pidgin	=2.6.2
Pidgin	=2.5.0
Pidgin	=2.2.0
Pidgin	=2.2.1
Pidgin	<=2.6.5
Pidgin	=2.5.3
Pidgin	=2.6.1
Pidgin	=2.6.4

Remedy

http://developer.pidgin.im/wiki/ChangeLog

Remedy

http://www.vupen.com/english/advisories/2010/0413

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0420?
CVE-2010-0420 has a severity rating that indicates it can lead to a denial of service due to application crashes.
How do I fix CVE-2010-0420?
To fix CVE-2010-0420, users should upgrade to Pidgin version 2.6.6 or later.
What software is affected by CVE-2010-0420?
CVE-2010-0420 affects Pidgin versions from 2.0.0 up to and including 2.6.5.
What type of vulnerability is CVE-2010-0420?
CVE-2010-0420 is a denial of service vulnerability caused by improper parsing of nicknames in XMPP multi-user chat rooms.
Can I still use Pidgin if I have CVE-2010-0420?
It is not recommended to use Pidgin versions affected by CVE-2010-0420 as they are vulnerable to potential crashes.

agent/references
agent/type
agent/remedy
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/weakness
agent/last-modified-date
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-0420
agent/trending
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/pidgin
canonical/pidgin
version/pidgin/2.5.9
version/pidgin/2.5.8
version/pidgin/2.1.0
version/pidgin/2.6.0
version/pidgin/2.5.2
version/pidgin/2.5.1
version/pidgin/2.5.6
version/pidgin/2.5.7
version/pidgin/2.0.1
version/pidgin/2.4.2
version/pidgin/2.5.4
version/pidgin/2.5.5
version/pidgin/2.2.2
version/pidgin/2.1.1
version/pidgin/2.3.1
version/pidgin/2.4.3
version/pidgin/2.0.0
version/pidgin/2.0.2
version/pidgin/2.3.0
version/pidgin/2.4.1
version/pidgin/2.4.0
version/pidgin/2.6.2
version/pidgin/2.5.0
version/pidgin/2.2.0
version/pidgin/2.2.1
version/pidgin/2.6.5
version/pidgin/2.5.3
version/pidgin/2.6.1
version/pidgin/2.6.4

CVE-2010-0420: Input Validation

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0420?

How do I fix CVE-2010-0420?

What software is affected by CVE-2010-0420?

What type of vulnerability is CVE-2010-0420?

Can I still use Pidgin if I have CVE-2010-0420?

Company

Resources

Contact