CVE-2016-2371

Опубликовано: 21 июн. 2016

Источник: redhat

CVSS3: 5.6

CVSS2: 5.1

EPSS Низкий

Описание

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	pidgin	Will not fix
Red Hat Enterprise Linux 6	pidgin	Will not fix
Red Hat Enterprise Linux 7	pidgin	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1348873pidgin: MXIT Extended Profiles Code Execution Vulnerability

EPSS

Процентиль: 87%

0.03521

Низкий

5.6 Medium

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2016-2371

CVSS3: 8.1

ubuntu

около 9 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CVE-2016-2371

CVSS3: 8.1

nvd

около 9 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CVE-2016-2371

CVSS3: 8.1

debian

около 9 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXI ...

GHSA-m274-j8c5-8jg4

CVSS3: 8.1

github

больше 3 лет назад

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

SUSE-SU-2016:2416-1

suse-cvrf

больше 9 лет назад

Security update for pidgin

EPSS

Процентиль: 87%

0.03521

Низкий

5.6 Medium

CVSS3

5.1 Medium

CVSS2