CVE-2016-2371

Опубликовано: 06 янв. 2017

Источник: debian

EPSS Низкий

Описание

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pidgin	fixed	2.11.0-1		package

Примечания

http://www.talosintel.com/reports/TALOS-2016-0139/
http://www.pidgin.im/news/security/?id=104
https://bitbucket.org/pidgin/main/commits/f0287378203fbf496a9890bf273d96adefb93b74

EPSS

Процентиль: 87%

0.03521

Низкий

Связанные уязвимости

CVE-2016-2371

CVSS3: 8.1

ubuntu

около 9 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CVE-2016-2371

CVSS3: 5.6

redhat

больше 9 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CVE-2016-2371

CVSS3: 8.1

nvd

около 9 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

GHSA-m274-j8c5-8jg4

CVSS3: 8.1

github

больше 3 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

SUSE-SU-2016:2416-1

suse-cvrf

больше 9 лет назад

Security update for pidgin

EPSS

Процентиль: 87%

0.03521

Низкий