Security Advisory

CVE-2013-6483

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-02-06 15:00:00

Last updated 2024-08-06 17:39:01

Assigner redhat

State PUBLISHED

Description

The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.

← Browse all CVEs View on cve.org ↗