CVE-2016-2370

2017-01-0621:00:00

certcc

www.cve.org

AI Score

6.3

Confidence

High

EPSS

0.003

Percentile

70.2%

JSON

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability.

CNA Affected

[
  {
    "product": "Pidgin",
    "vendor": "Pidgin",
    "versions": [
      {
        "status": "affected",
        "version": "2.10.11"
      }
    ]
  }
]