Posts Tagged ‘Pidgin vulnerabilities’


PidginFive new vulnerabilities in universal instant messenger client

There are five vulnerabilities fixed in the client messaging Pidgin. Administrators are advised to update to version 2.10.10.

The program for instant messaging on the Internet Pidgin updated to version 2.10.10. Administrators are advised to install the updates immediately because they fixed five vulnerabilities.

Vulnerability CVE-2014-3698 allows attackers to steal information from the memory process in XMPP-messages. Vulnerability CVE-2014-3697 possible to change arbitrary files when connecting a specially designed theme emoticons (only in Windows). Vulnerabilities CVE-2014-3696 and CVE-2014-3695 could lead to abnormal termination of the process,  and CVE-2014-3694 leads to errors when checking SSL-certificates. (more…)

LinuxIn the implementation of the Linux kernel x32 ABI found serious vulnerability

The critical vulnerability (CVE-2014 – 0038) has been detected in the Linux kernel.

The vulnerability allows local users to elevate their privileges in the system and execute code with kernel privileges. The problem occurs only when compiling the kernel with support for x32 ABI, allowing the use of 64 -bit systems, 32-bit memory addressing model. The vulnerability manifests itself only on 64- discharge of the Linux kernel since release 3.4, compiled with the option CONFIG_X86_X32 (not to be confused with CONFIG_X86_32, the problem is not subject to the configuration in which the 32- bit applications run on a system with 64- bit kernel and 32-bit kernel build without support x32 ABI). (more…)