VulnerableCode Vulnerability Details - VCID-j7ap-11qk-ufeb

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-j7ap-11qk-ufeb

Essentials
Severities (15)
References (8)
Severity details (0)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-j7ap-11qk-ufeb
Aliases	CVE-2009-2694
Summary	Multiple vulnerabilities have been discovered in Pidgin, leading to the remote execution of arbitrary code, unauthorized information disclosure, or Denial of Service.
Status	Published
Exploitability	2.0
Weighted Severity	0.3
Risk	0.6
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-228	Improper Handling of Syntactically Invalid Structure
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694
epss	0.34712	https://api.first.org/data/v1/epss?cve=CVE-2009-2694

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2694.json
		https://api.first.org/data/v1/epss?cve=CVE-2009-2694
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694
514957		https://bugzilla.redhat.com/show_bug.cgi?id=514957
542486		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542486
GLSA-200910-02		https://security.gentoo.org/glsa/200910-02
RHSA-2009:1218		https://access.redhat.com/errata/RHSA-2009:1218
USN-820-1		https://usn.ubuntu.com/820-1/

Data source	Exploit-DB
Date added	Sept. 8, 2009
Description	Pidgin MSN 2.5.8 - Remote Code Execution
Ransomware campaign use	Known
Source publication date	Sept. 9, 2009
Exploit type	remote
Platform	windows

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.96983
EPSS Score	0.34712
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:00:37.380984+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/200910-02	38.0.0