CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2016-2377
https://notcve.org/view.php?id=CVE-2016-2377
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en el manejo del protocolo MXIT en Pidgin. Datos MXIT especialmente manipulados enviados por el servidor podrían resultar potencialmente en una escritura fuera de límites de un byte. • http://www.debian.org/security/2016/dsa-3620 http://www.pidgin.im/news/security/?id=93 http://www.securityfocus.com/bid/91335 http://www.talosintelligence.com/reports/TALOS-2016-0119 http://www.ubuntu.com/usn/USN-3031-1 https://security.gentoo.org/glsa/201701-38 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2373
https://notcve.org/view.php?id=CVE-2016-2373
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability. Existe una vulnerabilidad de servicio en el manejo del protocolo MXIT en Pidgin. Datos MXIT especialmente manipulados enviados a través del servidor podrían resultar potencialmente en una escritura fuera de límites. • http://www.debian.org/security/2016/dsa-3620 http://www.pidgin.im/news/security/?id=106 http://www.securityfocus.com/bid/91335 http://www.talosintelligence.com/reports/TALOS-2016-0141 http://www.ubuntu.com/usn/USN-3031-1 https://security.gentoo.org/glsa/201701-38 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2370
https://notcve.org/view.php?id=CVE-2016-2370
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability. Existe una vulnerabilidad de denegación de servicio en el manejo del protocolo MXIT en Pidgin. Datos MXIT especialmente manipulados enviados desde el servidor podrían resultar potencialmente en una lectura fuera de límites. • http://www.debian.org/security/2016/dsa-3620 http://www.pidgin.im/news/security/?id=103 http://www.securityfocus.com/bid/91335 http://www.talosintelligence.com/reports/TALOS-2016-0138 http://www.ubuntu.com/usn/USN-3031-1 https://security.gentoo.org/glsa/201701-38 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2376
https://notcve.org/view.php?id=CVE-2016-2376
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet which will trigger a buffer overflow. Existe una vulnerabilidad de desbordamiento de búfer en el manejo del protocolo MXIT en Pidgin. Datos MXIT especialmente manipulados enviados desde el servidor podrían resultar potencialmente en ejecución de código arbitrario. • http://www.debian.org/security/2016/dsa-3620 http://www.pidgin.im/news/security/?id=92 http://www.securityfocus.com/bid/91335 http://www.talosintelligence.com/reports/TALOS-2016-0118 http://www.ubuntu.com/usn/USN-3031-1 https://security.gentoo.org/glsa/201701-38 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2368
https://notcve.org/view.php?id=CVE-2016-2368
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure. Existen múltiples vulnerabilidades de corrupción de memoria en el manejo del protocolo MXIT en Pidgin. Datos MXIT especialmente manipulados enviados a través del servidor podrían resultar en múltiples desbordamientos de búfer, resultando potencialmente en ejecución de código o divulgación de memoria. • http://www.debian.org/security/2016/dsa-3620 http://www.pidgin.im/news/security/?id=101 http://www.securityfocus.com/bid/91335 http://www.talosintelligence.com/reports/TALOS-2016-0136 http://www.ubuntu.com/usn/USN-3031-1 https://security.gentoo.org/glsa/201701-38 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •