GCVE - cpe:2.3:a:adium:adium:1.0.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:adium:adium:1.0.2:*:*:*:*:*:*:*

part: a version: 1.0.2 update: *

Vendor	Adium (`f73555a0-b739-5425-83af-3bff4a5988d6`)
Product	Adium (`c82e68f1-da06-5990-8616-d94cfb23b402`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/adium/adium`	purl2cpe	2026-06-01 10:11:22.369228
`pkg:sourceforge/adium`	purl2cpe	2026-06-01 10:11:22.369230

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-3615`	vulnerable	2026-06-03 14:29:52.195719	Details available The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client. Published: 2009-10-20T17:00:00.000Z Updated: 2024-08-07T06:31:10.699Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2009/2949 http://secunia.com/advisories/37017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18388 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9414 http://developer.pidgin.im/viewmtn/revision/info/781682333aea0c801d280c3507ee25552a60bfc0	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-7190`	vulnerable	2026-06-03 14:29:20.612624	Details available Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS). Published: 2009-09-09T17:00:00.000Z Updated: 2024-09-16T18:23:21.392Z Open on db.gcve.eu Reference links http://osvdb.org/41802 http://trac.adium.im/wiki/PreviousVersionHistory	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-2927`	vulnerable	2026-06-03 14:28:51.502269	Details available Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955. Published: 2008-07-07T23:00:00.000Z Updated: 2024-08-07T09:21:34.398Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-675-2 http://www.openwall.com/lists/oss-security/2008/07/04/1 http://www.redhat.com/support/errata/RHSA-2008-0584.html http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c http://secunia.com/advisories/32861	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.