Oval Definition:oval:org.opensuse.security:def:20091376
Revision Date:2021-08-15Version:1
Title:CVE-2009-1376
Description:

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-1376
Mitre CVE-2009-1376
SUSE CVE-2009-1376
SUSE-SR:2009:013
SUSE-SR:2009:013
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp2-sdk is installed
  • AND
  • finch-devel less than 2.3.1-10.15
  • OR finch less than 2.3.1-10.15
  • OR libpurple-devel less than 2.3.1-10.15
  • OR libpurple less than 2.3.1-10.15
  • OR pidgin-devel less than 2.3.1-10.15
  • OR pidgin less than 2.3.1-10.15
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • gaim-devel less than 1.5.0-50.34
  • OR gaim less than 1.5.0-50.34
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • finch-2.6.6-0.25 is installed
  • OR finch-devel-2.6.6-0.25 is installed
  • OR libpurple-2.6.6-0.25 is installed
  • OR libpurple-devel-2.6.6-0.25 is installed
  • OR libpurple-lang-2.6.6-0.25 is installed
  • OR pidgin-2.6.6-0.25 is installed
  • OR pidgin-devel-2.6.6-0.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • finch-2.6.6-0.25.2 is installed
  • OR finch-devel-2.6.6-0.25.2 is installed
  • OR libpurple-2.6.6-0.25.2 is installed
  • OR libpurple-devel-2.6.6-0.25.2 is installed
  • OR libpurple-lang-2.6.6-0.25.2 is installed
  • OR pidgin-2.6.6-0.25.2 is installed
  • OR pidgin-devel-2.6.6-0.25.2 is installed
    • BACK