What is the severity of CVE-2014-0020?

The severity of CVE-2014-0020 is classified as a denial-of-service vulnerability.

How do I fix CVE-2014-0020?

To fix CVE-2014-0020, upgrade Pidgin to version 2.10.8 or later.

What causes the vulnerability in CVE-2014-0020?

CVE-2014-0020 is caused by the IRC protocol plugin not validating argument counts.

What impact does CVE-2014-0020 have on affected systems?

The impact of CVE-2014-0020 is that it can lead to application crashes on affected systems.

Which versions of Pidgin are affected by CVE-2014-0020?

Versions of Pidgin prior to 2.10.8, including all between 2.0.0 and 2.10.7, are affected by CVE-2014-0020.

Vulnerability/
CVE-2014-0020

medium

CWE

6/2/2014

6/8/2024

CVE-2014-0020: Input Validation

First published: Thu Feb 06 2014(Updated: )

The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Pidgin	<=2.10.7
Pidgin	=2.0.0
Pidgin	=2.0.1
Pidgin	=2.0.2
Pidgin	=2.1.0
Pidgin	=2.1.1
Pidgin	=2.2.0
Pidgin	=2.2.1
Pidgin	=2.2.2
Pidgin	=2.3.0
Pidgin	=2.3.1
Pidgin	=2.4.0
Pidgin	=2.4.1
Pidgin	=2.4.2
Pidgin	=2.4.3
Pidgin	=2.5.0
Pidgin	=2.5.1
Pidgin	=2.5.2
Pidgin	=2.5.3
Pidgin	=2.5.4
Pidgin	=2.5.5
Pidgin	=2.5.6
Pidgin	=2.5.7
Pidgin	=2.5.8
Pidgin	=2.5.9
Pidgin	=2.6.0
Pidgin	=2.6.1
Pidgin	=2.6.2
Pidgin	=2.6.3
Pidgin	=2.6.4
Pidgin	=2.6.5
Pidgin	=2.6.6
Pidgin	=2.7.0
Pidgin	=2.7.1
Pidgin	=2.7.2
Pidgin	=2.7.3
Pidgin	=2.7.4
Pidgin	=2.7.5
Pidgin	=2.7.6
Pidgin	=2.7.7
Pidgin	=2.7.8
Pidgin	=2.7.9
Pidgin	=2.7.10
Pidgin	=2.7.11
Pidgin	=2.8.0
Pidgin	=2.9.0
Pidgin	=2.10.0
Pidgin	=2.10.1
Pidgin	=2.10.2
Pidgin	=2.10.3
Pidgin	=2.10.4
Pidgin	=2.10.5
Pidgin	=2.10.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0020?
The severity of CVE-2014-0020 is classified as a denial-of-service vulnerability.
How do I fix CVE-2014-0020?
To fix CVE-2014-0020, upgrade Pidgin to version 2.10.8 or later.
What causes the vulnerability in CVE-2014-0020?
CVE-2014-0020 is caused by the IRC protocol plugin not validating argument counts.
What impact does CVE-2014-0020 have on affected systems?
The impact of CVE-2014-0020 is that it can lead to application crashes on affected systems.
Which versions of Pidgin are affected by CVE-2014-0020?
Versions of Pidgin prior to 2.10.8, including all between 2.0.0 and 2.10.7, are affected by CVE-2014-0020.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/pidgin
canonical/pidgin
version/pidgin/2.10.7
version/pidgin/2.0.0
version/pidgin/2.0.1
version/pidgin/2.0.2
version/pidgin/2.1.0
version/pidgin/2.1.1
version/pidgin/2.2.0
version/pidgin/2.2.1
version/pidgin/2.2.2
version/pidgin/2.3.0
version/pidgin/2.3.1
version/pidgin/2.4.0
version/pidgin/2.4.1
version/pidgin/2.4.2
version/pidgin/2.4.3
version/pidgin/2.5.0
version/pidgin/2.5.1
version/pidgin/2.5.2
version/pidgin/2.5.3
version/pidgin/2.5.4
version/pidgin/2.5.5
version/pidgin/2.5.6
version/pidgin/2.5.7
version/pidgin/2.5.8
version/pidgin/2.5.9
version/pidgin/2.6.0
version/pidgin/2.6.1
version/pidgin/2.6.2
version/pidgin/2.6.3
version/pidgin/2.6.4
version/pidgin/2.6.5
version/pidgin/2.6.6
version/pidgin/2.7.0
version/pidgin/2.7.1
version/pidgin/2.7.2
version/pidgin/2.7.3
version/pidgin/2.7.4
version/pidgin/2.7.5
version/pidgin/2.7.6
version/pidgin/2.7.7
version/pidgin/2.7.8
version/pidgin/2.7.9
version/pidgin/2.7.10
version/pidgin/2.7.11
version/pidgin/2.8.0
version/pidgin/2.9.0
version/pidgin/2.10.0
version/pidgin/2.10.1
version/pidgin/2.10.2
version/pidgin/2.10.3
version/pidgin/2.10.4
version/pidgin/2.10.5
version/pidgin/2.10.6