Pidgin Security Advisory

TitlePidgin MXIT File Transfer Length Memory Disclosure Vulnerability
Date2016-06-21
CVE NameCVE 2016-2372
Discovered ByYves Younan of Cisco Talos
DescriptionA malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file. (TALOS-CAN-0140)
Fixed in Revision5e3601f8bde4
1c5197a66760
648f667a679c
Fixed in Version2.11.0
FixVarious changes to the chunk decoding.

Return to Security Advisory Index