4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.007 Low
EPSS
Percentile
80.6%
CVE-2016-2373
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability.
5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Pidgin 2.10.11
In the function mxit_parse_cmd_contact in mxit/protocol.c at line 1743 contact->mood will be read from data coming from the server when parsing a contact update packet.
1743 contact->mood = atoi( rec->fields[5]->data );
At line 1759, this mood will be passed to the function mxit_update_contact():
1759 mxit_update_contact( session, contact );
This function is defined in mxit/roster.c at line 363. If mood is anything other than 0, then this value is subsequently used to as index into the mxit_moods array at line 432.
432 purple_prpl_got_user_status( session->acc, contact->username, "mood", PURPLE_MOOD_NAME, mxit_moods[contact->mood-1].mood, NULL );
This can result in an out-of-bounds read of this information, potentially resulting in a crash of the program if that memory location is not accessible.
2016-04-13 - Vendor Notification
2016-06-21 - Public Disclosure
Discovered by Yves Younan of Cisco Talos.
Vulnerability Reports Next Report
TALOS-2016-0142
Previous Report
TALOS-2016-0140
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.007 Low
EPSS
Percentile
80.6%