Vulnerabilities > Adium

DATE CVE VULNERABILITY TITLE RISK
2010-01-09 CVE-2010-0277 Resource Management Errors vulnerability in multiple products
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.
network
low complexity
adium pidgin CWE-399
5.0
2010-01-09 CVE-2010-0013 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a ..
7.5
2009-10-20 CVE-2009-3615 Resource Management Errors vulnerability in multiple products
The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
network
low complexity
adium pidgin CWE-399
5.0
2009-09-09 CVE-2008-7190 Cross-Site Scripting vulnerability in Adium
Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).
network
low complexity
adium
critical
10.0
2009-08-21 CVE-2009-2694 Resource Management Errors vulnerability in multiple products
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location.
network
low complexity
adium pidgin CWE-399
critical
10.0