CVE-2016-2370

Summary

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
PidginPidgin2.10.11affected

Weaknesses

  • out-of-bounds read

ADP Enrichment

CVE Program Container

Additional References

References