CVE-2016-2375

Опубликовано: 06 янв. 2017

Источник: debian

EPSS Низкий

Описание

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pidgin	fixed	2.11.0-1		package

Примечания

http://www.talosintel.com/reports/TALOS-2016-0143/
http://www.pidgin.im/news/security/?id=108
https://bitbucket.org/pidgin/main/commits/b786e9814536

EPSS

Процентиль: 65%

0.00483

Низкий

Связанные уязвимости

CVE-2016-2375

CVSS3: 5.3

ubuntu

около 9 лет назад

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.

CVE-2016-2375

CVSS3: 4.8

redhat

больше 9 лет назад

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.

CVE-2016-2375

CVSS3: 5.3

nvd

около 9 лет назад

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.

GHSA-p9cc-rrr9-3869

CVSS3: 5.3

github

больше 3 лет назад

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.

EPSS

Процентиль: 65%

0.00483

Низкий