Lucene search
PRIOn knowledge basePRION:CVE-2016-2367HistoryJan 06, 2017 - 9:59 p.m.
Out-of-bounds
2017-01-0621:59:00
PRIOn knowledge base
www.prio-n.com
3
An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the avatar is sent to another user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 12.04 | |
| ubuntu_linux | eq | 15.10 | |
| ubuntu_linux | eq | 14.04 | |
| debian_linux | eq | 8.0 | |
| pidgin | le | 2.10.12 |
Related
talos
talos
Pidgin MXIT Avatar Length Memory Disclosure Vulnerability
2016-06-21 00:00:00
ubuntucve
ubuntucve
nvd
nvd
CVE-2016-2367
2017-01-06 21:59:00
redhatcve
redhatcve
CVE-2016-2367
2016-06-22 09:19:10
seebug
seebug
Pidgin MXIT Avatar Length Memory Disclosure Vulnerability(CVE-2016-2367)
2017-10-19 00:00:00
cve
cve
CVE-2016-2367
2017-01-06 21:59:00
debiancve
debiancve
CVE-2016-2367
2017-01-06 21:59:00
cvelist
cvelist
CVE-2016-2367
2017-01-06 21:00:00
suse
suse
Security update for pidgin (important)
2016-09-29 19:10:02
kaspersky
kaspersky
KLA10942 Multiple vulnerabilities in Pidgin
2016-06-21 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2019-2387)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2016-0236)
2022-01-28 00:00:00
Debian Security Advisory DSA 3620-1 (pidgin - security update)
2016-07-15 00:00:00
nessus
nessus
EulerOS 2.0 SP3 : pidgin (EulerOS-SA-2019-2650)
2019-12-18 00:00:00
EulerOS 2.0 SP5 : pidgin (EulerOS-SA-2019-2222)
2019-11-08 00:00:00
EulerOS 2.0 SP2 : pidgin (EulerOS-SA-2019-2387)
2019-12-10 00:00:00
mageia
mageia
Updated pidgin packages fix security vulnerability
2016-07-05 18:47:08
archlinux
archlinux
libpurple: multiple issues
2016-06-25 00:00:00
debian
debian
[SECURITY] [DLA 542-1] pidgin security update
2016-07-04 10:35:36
[SECURITY] [DSA 3620-1] pidgin security update
2016-07-15 19:03:58
[SECURITY] [DSA 3620-1] pidgin security update
2016-07-15 19:03:58
osv
osv
pidgin - security update
2016-07-04 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2016-07-12 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1951
2021-07-02 17:58:49
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2017-01-17 00:00:00