CVE-2009-1373

N/A Unknown
Published: May 26, 2009 Modified: April 23, 2026

Description

Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information.

References to Advisories, Solutions, and Tools

http://debian.org/security/2009/dsa-1805
Source: secalert@redhat.com
http://secunia.com/advisories/35188
Source: secalert@redhat.com
http://secunia.com/advisories/35194
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35202
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35215
Source: secalert@redhat.com
http://secunia.com/advisories/35294
Source: secalert@redhat.com
http://secunia.com/advisories/35329
Source: secalert@redhat.com
http://secunia.com/advisories/35330
Source: secalert@redhat.com
http://www.pidgin.im/news/security/?id=29
Source: secalert@redhat.com
Patch Vendor Advisory
http://www.securityfocus.com/bid/35067
Source: secalert@redhat.com
Patch
http://www.ubuntu.com/usn/USN-781-1
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-781-2
Source: secalert@redhat.com
http://debian.org/security/2009/dsa-1805
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35188
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35194
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35202
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35215
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35294
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35329
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35330
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2009:140
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2009:173
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.pidgin.im/news/security/?id=29
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2009-1059.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-1060.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/35067
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.ubuntu.com/usn/USN-781-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-781-2
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/1396
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=500488
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/50682
Source: af854a3a-2127-422b-91ae-364da2661108

50 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
8.4%
92nd percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

pidgin