High severity8.1NVD Advisory· Published Jan 6, 2017· Updated Jun 17, 2026
CVE-2016-2374
CVE-2016-2374
Description
An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*range: <=2.10.12
- (no CPE)
- (no CPE)range: 2.10.11
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- www.pidgin.im/news/security/nvdPatchVendor Advisory
- www.debian.org/security/2016/dsa-3620nvdThird Party Advisory
- www.securityfocus.com/bid/91335nvdThird Party AdvisoryVDB Entry
- www.talosintelligence.com/reports/TALOS-2016-0142/nvdTechnical DescriptionThird Party Advisory
- www.ubuntu.com/usn/USN-3031-1nvdThird Party Advisory
- security.gentoo.org/glsa/201701-38nvd
News mentions
0No linked articles in our index yet.