CVE-2016-2368 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-2368 Interim 1 8 2024-10-12T01:54:53Z current 2021-05-30T13:39:35Z 2024-10-12T01:54:53Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-2368 Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 finch finch-devel libpurple libpurple-devel libpurple-lang pidgin pidgin-devel finch as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 finch-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpurple as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpurple-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpurple-lang as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 pidgin as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 pidgin-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure. CVE-2016-2368 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H