CVE-2016-2373

Title:

PIDGIN MXIT CONTACT MOOD DENIAL OF SERVICE VULNERABILITY

CVE ID:

CVE-2016-2373

Description:

The MITRE CVE dictionary describes this issue as:

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability.

Find out more about CVE-2016-2373 from the MITRE CVE dictionary and NIST NVD.


CVSSV3 SCORE:

5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Mitigation:

ubuntu-upgrade-libpurple0-ubuntu-12-04-lts

External References:

http://www.talosintel.com/reports/TALOS-2016-0141/
http://www.pidgin.im/news/security/?id=106
https://www.rapid7.com/db/vulnerabilities/ubuntu-cve-2016-2373

Share This:
Facebooktwittergoogle_plusredditpinterestlinkedintumblr