vulnerability

Huawei EulerOS: CVE-2016-2372: pidgin security update

Severity
5
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:P)
Published
2017-01-06
Added
2019-12-18
Modified
2025-05-05

Description

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user.

Solution

huawei-euleros-2_0_sp3-upgrade-libpurple
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.