CVE-2013-6489

Published: Feb 6, 2014Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an integer overflow and a buffer overflow.

Affected (53)

Products: Pidgin: Pidgin

Pidgin

1 product

Pidgin

Configuration A

53 vulnerable

Vulnerable Software	Affected Versions
Pidgin Pidgin	Up to 2.10.7
Pidgin Pidgin	Version 2.0.0
Pidgin Pidgin	Version 2.0.1
Pidgin Pidgin	Version 2.0.2
Pidgin Pidgin	Version 2.1.0
Pidgin Pidgin	Version 2.1.1
Pidgin Pidgin	Version 2.10.0
Pidgin Pidgin	Version 2.10.1
Pidgin Pidgin	Version 2.10.2
Pidgin Pidgin	Version 2.10.3
Pidgin Pidgin	Version 2.10.4
Pidgin Pidgin	Version 2.10.5
Pidgin Pidgin	Version 2.10.6
Pidgin Pidgin	Version 2.2.0
Pidgin Pidgin	Version 2.2.1
Pidgin Pidgin	Version 2.2.2
Pidgin Pidgin	Version 2.3.0
Pidgin Pidgin	Version 2.3.1
Pidgin Pidgin	Version 2.4.0
Pidgin Pidgin	Version 2.4.1
Pidgin Pidgin	Version 2.4.2
Pidgin Pidgin	Version 2.4.3
Pidgin Pidgin	Version 2.5.0
Pidgin Pidgin	Version 2.5.1
Pidgin Pidgin	Version 2.5.2
Pidgin Pidgin	Version 2.5.3
Pidgin Pidgin	Version 2.5.4
Pidgin Pidgin	Version 2.5.5
Pidgin Pidgin	Version 2.5.6
Pidgin Pidgin	Version 2.5.7
Pidgin Pidgin	Version 2.5.8
Pidgin Pidgin	Version 2.5.9
Pidgin Pidgin	Version 2.6.0
Pidgin Pidgin	Version 2.6.1
Pidgin Pidgin	Version 2.6.2
Pidgin Pidgin	Version 2.6.3
Pidgin Pidgin	Version 2.6.4
Pidgin Pidgin	Version 2.6.5
Pidgin Pidgin	Version 2.6.6
Pidgin Pidgin	Version 2.7.0
Pidgin Pidgin	Version 2.7.10
Pidgin Pidgin	Version 2.7.11
Pidgin Pidgin	Version 2.7.1
Pidgin Pidgin	Version 2.7.2
Pidgin Pidgin	Version 2.7.3
Pidgin Pidgin	Version 2.7.4
Pidgin Pidgin	Version 2.7.5
Pidgin Pidgin	Version 2.7.6
Pidgin Pidgin	Version 2.7.7
Pidgin Pidgin	Version 2.7.8
Pidgin Pidgin	Version 2.7.9
Pidgin Pidgin	Version 2.8.0
Pidgin Pidgin	Version 2.9.0