Lucene search
+L

236 matches found

CVE
CVE
added 2017/03/29 8:0 p.m.52 views

CVE-2016-2379

The CVE-2016-2379 entry relates to Pidgin’s MXIT support, where passwords are encrypted with weak crypto. The described impact is that an attacker could decrypt hashed passwords by leveraging client registration codes or gain login access by eavesdropping on login messages and re-using the hashed...

8.8CVSS9AI score0.004EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/03/29 8:0 p.m.22 views

CVE-2016-2379

The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to 1 decrypt hashed passwords by leveraging knowledge of client registration codes or 2 gain login access by eavesdropping on login messages and re-using the hashed passwords...

9.1AI score0.004EPSS
Exploits0References4
NVD
NVD
added 2017/01/06 9:59 p.m.12 views

CVE-2016-2377

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the...

8.1CVSS6.7AI score0.02669EPSS
Exploits1References6
NVD
NVD
added 2017/01/06 9:59 p.m.21 views

CVE-2016-2380

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get converted incorrectly and could lead to a...

4.3CVSS5.4AI score0.01764EPSS
Exploits1References6
NVD
NVD
added 2017/01/06 9:59 p.m.19 views

CVE-2016-2378

A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length...

8.1CVSS6.7AI score0.02522EPSS
Exploits1References6
OSV
OSV
added 2017/01/06 9:59 p.m.1 views

DEBIAN-CVE-2016-2380

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get converted incorrectly and could lead to a...

3.1CVSS6.3AI score0.01764EPSS
Exploits1References1
NVD
NVD
added 2017/01/06 9:59 p.m.21 views

CVE-2016-4323

A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image...

5.8CVSS5.7AI score0.02305EPSS
Exploits2References6
OSV
OSV
added 2017/01/06 9:59 p.m.7 views

CVE-2016-4323

A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image...

3.7CVSS5.7AI score
Exploits0References6
OSV
OSV
added 2017/01/06 9:59 p.m.10 views

CVE-2016-2378

A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length...

8.1CVSS8.1AI score
Exploits0References6
OSV
OSV
added 2017/01/06 9:59 p.m.6 views

CVE-2016-2380

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get converted incorrectly and could lead to a...

3.1CVSS5.3AI score
Exploits0References6
OSV
OSV
added 2017/01/06 9:59 p.m.4 views

CVE-2016-2377

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the...

8.1CVSS8.2AI score
Exploits0References6
NVD
NVD
added 2017/01/06 9:59 p.m.16 views

CVE-2016-2367

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger an out-of-bounds...

5.9CVSS5.8AI score0.01947EPSS
Exploits1References6
Prion
Prion
added 2017/01/06 9:59 p.m.12 views

Buffer overflow

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the...

6.8CVSS7.3AI score0.02669EPSS
Exploits1References6Affected Software3
NVD
NVD
added 2017/01/06 9:59 p.m.10 views

CVE-2016-2374

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution...

8.1CVSS6.9AI score0.03228EPSS
Exploits1References6
NVD
NVD
added 2017/01/06 9:59 p.m.17 views

CVE-2016-2365

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger th...

5.9CVSS6.2AI score0.02431EPSS
Exploits1References6
Prion
Prion
added 2017/01/06 9:59 p.m.18 views

Buffer overflow

A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length...

6.8CVSS7.2AI score0.02522EPSS
Exploits1References6Affected Software3
NVD
NVD
added 2017/01/06 9:59 p.m.16 views

CVE-2016-2375

An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure...

5.3CVSS6.1AI score0.02711EPSS
Exploits1References6
Prion
Prion
added 2017/01/06 9:59 p.m.15 views

Design/Logic Flaw

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability...

4.3CVSS6.6AI score0.02123EPSS
Exploits1References6Affected Software3
Prion
Prion
added 2017/01/06 9:59 p.m.18 views

Out-of-bounds

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger an out-of-bounds...

3.5CVSS6.5AI score0.01947EPSS
Exploits1References6Affected Software3
Prion
Prion
added 2017/01/06 9:59 p.m.19 views

Design/Logic Flaw

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability...

4.3CVSS6.7AI score0.023EPSS
Exploits1References6Affected Software3
Rows per page
Query Builder