Summary Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability
Date 2016-06-21
CVE Number CVE-2016-2372
Talos Report ID TALOS-2016-0140
Discovered By Yves Younan of Cisco Talos
Fixed In Release 2.11.0


A malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file.


Various changes to the chunk decoding.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site