CVE-2016-2374

Summary

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution.

Affected Software

VendorProductVersion RangeStatus
PidginPidgin2.10.11affected

Weaknesses

  • out-of-bounds write

ADP Enrichment

CVE Program Container

Additional References

References