cve-2016-2380-00

Summary Pidgin MXIT mxit_convert_markup_tx Information Leak Vulnerability
Date 2016-06-21
CVE Number CVE-2016-2380
Talos Report ID TALOS-2016-0123
Discovered By Yves Younan of Cisco Talos
Fixed In Release 2.11.0

Description

A specially crafted local message (by the user or a plugin) could lead to the disclosure of 7 bytes to the server.

Mitigation

Check the length of the font tag.

Looking to reach us via XMPP? Check out the new PidginChat service!