CVE-2016-2380

2017-01-0621:00:00

certcc

www.cve.org

AI Score

5.3

Confidence

Low

EPSS

0.003

Percentile

71.5%

JSON

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get converted incorrectly and could lead to a potential out-of-bounds read.

CNA Affected

[
  {
    "product": "Pidgin",
    "vendor": "Pidgin",
    "versions": [
      {
        "status": "affected",
        "version": "2.10.11"
      }
    ]
  }
]