Debian-CVE-2016-4323

Title:

PIDGIN MXIT SPLASH IMAGE ARBITRARY FILE OVERWRITE VULNERABILITY

CVE-ID:

CVE-2016-4323

Description:

The MITRE CVE dictionary describes this issue as:

A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability.

Find out more about CVE-2016-4323 from the MITRE CVE dictionary and NIST NVD.


CVSSV3 SCORE:
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

External References:

http://www.talosintel.com/reports/TALOS-2016-0128/
http://www.pidgin.im/news/security/?id=97

Share This:
Facebooktwittergoogle_plusredditpinterestlinkedintumblr