Vulnerabilities > CVE-2008-2956 - Resource Management Errors vulnerability in Pidgin 2.0.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scenario under which a problem occurred and the original reporter wasn't able to supply any sort of reproduction details."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://crisp.cs.du.edu/?q=ca2007-1
- http://www.openwall.com/lists/oss-security/2008/06/27/3
- http://www.securityfocus.com/bid/29985
- http://secunia.com/advisories/31387
- https://issues.rpath.com/browse/RPL-2647
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246
- http://www.securityfocus.com/archive/1/495165/100/0/threaded