vulnerability
Huawei EulerOS: CVE-2016-2372: pidgin security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:M/Au:S/C:P/I:N/A:P) | 2017-01-06 | 2019-12-18 | 2025-05-05 |
Severity
5
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:P)
Published
2017-01-06
Added
2019-12-18
Modified
2025-05-05
Description
An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user.
Solution
huawei-euleros-2_0_sp3-upgrade-libpurple

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.