Adium Adium 1.3.8

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:adium:adium:1.3.8:*:*:*:*:*:*:*

part: a version: 1.3.8 update: *

VendorAdium (f73555a0-b739-5425-83af-3bff4a5988d6)
ProductAdium (c82e68f1-da06-5990-8616-d94cfb23b402)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/adium/adium purl2cpe 2026-06-01 10:11:22.387864
pkg:sourceforge/adium purl2cpe 2026-06-01 10:11:22.387865

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2010-0277 vulnerable 2026-06-03 14:30:07.950483 Details available
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.
Published: 2010-01-09T18:00:00.000Z
Updated: 2024-08-07T00:45:11.716Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2010-0013 vulnerable 2026-06-03 14:30:01.566483 Details available
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
Published: 2010-01-09T18:00:00.000Z
Updated: 2024-08-07T00:37:52.483Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.