Oval Definition:
oval:org.mitre.oval:def:13849
Revision Date
:
2014-06-30
Version
:
21
Title
:
USN-820-1 -- pidgin vulnerability
Description
:
Federico Muttis discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2009-2694
USN-820-1
USN-820-1
Platform(s)
:
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Product(s)
:
pidgin
Definition Synopsis
Release section
Ubuntu 8.10 is installed
AND
Architecture section
Architecture independent section
Installed architecture is all
AND
Packages section
libpurple-dev DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
finch-dev DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
pidgin-dev DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
libpurple-bin DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
pidgin-data DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
Architecture depended section
Supported architectures section
Installed architecture is amd64
OR
Installed architecture is i386
OR
Installed architecture is powerpc
OR
Installed architecture is sparc
OR
Installed architecture is lpia
AND
Packages section
libpurple0 DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
pidgin-dbg DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
pidgin DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
finch DPKG is earlier than 1:2.5.2-0ubuntu1.4
OR
Release section
Ubuntu 8.04 is installed
AND
Architecture section
Architecture independent section
Installed architecture is all
AND
Packages section
finch-dev DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
pidgin-dev DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
gaim DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
libpurple-bin DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
libpurple-dev DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
pidgin-data DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
Architecture depended section
Supported architectures section
Installed architecture is amd64
OR
Installed architecture is i386
OR
Installed architecture is powerpc
OR
Installed architecture is sparc
OR
Installed architecture is lpia
AND
Packages section
libpurple0 DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
pidgin-dbg DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
pidgin DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
finch DPKG is earlier than 1:2.4.1-1ubuntu2.6
OR
Release section
Ubuntu 9.04 is installed
AND
Architecture section
Architecture independent section
Installed architecture is all
AND
Packages section
libpurple-dev DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
finch-dev DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
pidgin-dev DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
libpurple-bin DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
pidgin-data DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
Architecture depended section
Supported architectures section
Installed architecture is powerpc
OR
Installed architecture is amd64
OR
Installed architecture is lpia
OR
Installed architecture is i386
AND
Packages section
finch DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
pidgin-dbg DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
pidgin DPKG is earlier than 1:2.5.5-1ubuntu8.4
OR
libpurple0 DPKG is earlier than 1:2.5.5-1ubuntu8.4
BACK