Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Pidgin Subscribe
Filtered by product Pidgin

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2368 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2017-03-30 7.5 HIGH 8.1 HIGH
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure.
CVE-2016-2371 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2017-03-30 6.8 MEDIUM 8.1 HIGH
An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.
CVE-2016-2374 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2017-03-30 6.8 MEDIUM 8.1 HIGH
An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution.
CVE-2016-2376 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2017-03-30 6.8 MEDIUM 8.1 HIGH
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet which will trigger a buffer overflow.
CVE-2016-2377 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2017-03-30 6.8 MEDIUM 8.1 HIGH
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vulnerability.
CVE-2016-2378 3 Canonical, Debian, Pidgin 3 Ubuntu Linux, Debian Linux, Pidgin 2017-03-30 6.8 MEDIUM 8.1 HIGH
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length values to trigger this vulnerability.