Pidgin Security Advisory
| Title | Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability |
|---|---|
| Date | 2016-06-21 |
| CVE Name | CVE 2016-2372 |
| Discovered By | Yves Younan of Cisco Talos |
| Description | A malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file. (TALOS-CAN-0140) |
| Fixed in Revision | 5e3601f8bde4 1c5197a66760 648f667a679c |
| Fixed in Version | 2.11.0 |
| Fix | Various changes to the chunk decoding. |
