CVE-2008-2957
EPSS 1.7%
Description
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
How to fix CVE-2008-2957
To remediate CVE-2008-2957, upgrade the affected package to a fixed version below.
- Debian/pidgin—upgrade to 2.4.3-4 or later
Is CVE-2008-2957 being exploited?
Low — EPSS is 1.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.4.3-4