| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:9076 | V | The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL. | 2013-04-29 |
| oval:org.mitre.oval:def:10131 | V | Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function. | 2013-04-29 |
| oval:org.mitre.oval:def:10979 | V | The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. | 2013-04-29 |