CVE-2009-1373 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-1373 Interim 1 11 2025-11-05T06:07:47Z current 2021-05-30T12:46:50Z 2025-11-05T06:07:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-1373 Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/REP6FQVBIJ72M2B4QC3K5OUCNKQWJYHC/#REP6FQVBIJ72M2B4QC3K5OUCNKQWJYHC E-Mail link for SUSE-SR:2009:013 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 finch-2.6.6-0.25.2 finch-devel-2.6.6-0.25.2 libpurple-2.6.6-0.25.2 libpurple-devel-2.6.6-0.25.2 libpurple-lang-2.6.6-0.25.2 pidgin-2.6.6-0.25.2 pidgin-devel-2.6.6-0.25.2 finch-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 finch-devel-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpurple-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpurple-devel-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpurple-lang-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 pidgin-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 pidgin-devel-2.6.6-0.25.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information. CVE-2009-1373 SUSE Linux Enterprise Software Development Kit 11 SP4:finch-2.6.6-0.25.2 SUSE Linux Enterprise Software Development Kit 11 SP4:finch-devel-2.6.6-0.25.2 SUSE Linux Enterprise Software Development Kit 11 SP4:libpurple-2.6.6-0.25.2 SUSE Linux Enterprise Software Development Kit 11 SP4:libpurple-devel-2.6.6-0.25.2 SUSE Linux Enterprise Software Development Kit 11 SP4:libpurple-lang-2.6.6-0.25.2 SUSE Linux Enterprise Software Development Kit 11 SP4:pidgin-2.6.6-0.25.2 SUSE Linux Enterprise Software Development Kit 11 SP4:pidgin-devel-2.6.6-0.25.2 important 7.1 AV:N/AC:H/Au:S/C:C/I:C/A:C