CVE-2012-2214

low

Published 2012-07-03 · Modified 2026-04-29

CVSS v3

—

CVSS v2

3.5

VIR risk

3.5

Description

proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-2214

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://pidgin.im/news/security/?id=62

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://hg.pidgin.im/pidgin/main/rev/5f9d676cefdb

OS impact

OS	Version	Status	Fixed in
debian	bookworm	fixed	`2.10.4-1`
debian	bullseye	fixed	`2.10.4-1`
debian	forky	fixed	`2.10.4-1`
debian	sid	fixed	`2.10.4-1`
debian	trixie	fixed	`2.10.4-1`

Application impact

Vendor	Product	Versions
pidgin	pidgin	`{"endIncluding":"2.10.3"}`
pidgin	pidgin	`2.0.0`
pidgin	pidgin	`2.0.1`
pidgin	pidgin	`2.0.2`
pidgin	pidgin	`2.1.0`
pidgin	pidgin	`2.1.1`
pidgin	pidgin	`2.2.0`
pidgin	pidgin	`2.2.1`
pidgin	pidgin	`2.2.2`
pidgin	pidgin	`2.3.0`
pidgin	pidgin	`2.3.1`
pidgin	pidgin	`2.4.0`
pidgin	pidgin	`2.4.1`
pidgin	pidgin	`2.4.2`
pidgin	pidgin	`2.4.3`
pidgin	pidgin	`2.5.0`
pidgin	pidgin	`2.5.1`
pidgin	pidgin	`2.5.2`
pidgin	pidgin	`2.5.3`
pidgin	pidgin	`2.5.4`
pidgin	pidgin	`2.5.5`
pidgin	pidgin	`2.5.6`
pidgin	pidgin	`2.5.7`
pidgin	pidgin	`2.5.8`
pidgin	pidgin	`2.5.9`
pidgin	pidgin	`2.6.0`
pidgin	pidgin	`2.6.1`
pidgin	pidgin	`2.6.2`
pidgin	pidgin	`2.6.4`
pidgin	pidgin	`2.6.5`
pidgin	pidgin	`2.6.6`
pidgin	pidgin	`2.7.0`
pidgin	pidgin	`2.7.1`
pidgin	pidgin	`2.7.2`
pidgin	pidgin	`2.7.3`
pidgin	pidgin	`2.7.4`
pidgin	pidgin	`2.7.5`
pidgin	pidgin	`2.7.6`
pidgin	pidgin	`2.7.7`
pidgin	pidgin	`2.7.8`
pidgin	pidgin	`2.7.9`
pidgin	pidgin	`2.7.10`
pidgin	pidgin	`2.7.11`
pidgin	pidgin	`2.8.0`
pidgin	pidgin	`2.9.0`
pidgin	pidgin	`2.10.0`
pidgin	pidgin	`2.10.1`
pidgin	pidgin	`2.10.2`

References

CWEs

CWE-399

Verify integrity in audit chain (admin only). AS-IS.