Summary Pidgin MXIT Avatar Length Memory Disclosure Vulnerability
Date 2016-06-21
CVE Number CVE-2016-2367
Talos Report ID TALOS-2016-0135
Discovered By Yves Younan of Cisco Talos
Fixed In Release 2.11.0


A malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file.


Various changes to the chunk decoding.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site