cvedb.io
CVE-2016-2374
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2017-01-06T21:59:00.883 · Last modified 2026-06-17T00:43:55.387

Summary

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution.

Affected products

pidgin — pidgin

Does this affect you?

Add your gear to cvedb and we'll alert you only when pidgin ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.