Debian-CVE-2016-2369

Title:

PIDGIN MXIT CP_SOCK_REC_TERM DENIAL OF SERVICE VULNERABILITY

CVE ID:

CVE-2016-2369

Description:

The MITRE CVE dictionary describes this issue as:

A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a denial of service vulnerability. A malicious server can send a packet starting with a NULL byte triggering the vulnerability.

Find out more about CVE-2016-2369 from the MITRE CVE dictionary and NIST NVD.

CVSS SCORE:

5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Mitigation:

debian-linux-upgrade-pidgin

External References:


http://www.talosintel.com/reports/TALOS-2016-0137/
http://www.pidgin.im/news/security/?id=102
https://www.rapid7.com/db/vulnerabilities/debian-cve-2016-2369

Share This:
Facebooktwittergoogle_plusredditpinterestlinkedintumblr