cve-2016-4323-00

Summary Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability
Date 2016-06-21
CVE Number CVE-2016-4323
Talos Report ID TALOS-2016-0128
Discovered By Yves Younan of Cisco Talos
Fixed In Release 2.11.0

Description

A malicious server or man-in-the-middle could trigger libpurple to overwrite a local file with the name and contents specified by the attacker.

Mitigation

Looking to reach us via XMPP? Check out the new PidginChat service!