UBUNTU-CVE-2016-2368
- Source
- https://ubuntu.com/security/CVE-2016-2368
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-2368.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2016-2368
- Related
- Published
- 2016-06-23T00:00:00Z
- Modified
- 2025-01-13T10:21:13Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure.
- References
Affected packages
Ubuntu:14.04:LTS / pidgin
Package
- Name
- pidgin
- Purl
- pkg:deb/ubuntu/pidgin@1:2.10.9-0ubuntu3.3?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:2.10.9-0ubuntu3.3
Affected versions
1:2.*
1:2.10.7-0ubuntu4.1
1:2.10.7-0ubuntu4.2
1:2.10.9-0ubuntu1
1:2.10.9-0ubuntu2
1:2.10.9-0ubuntu3
1:2.10.9-0ubuntu3.1
1:2.10.9-0ubuntu3.2
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "finch"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "finch-dbgsym"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "finch-dev"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "libpurple-bin"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "libpurple-dev"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "libpurple0"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "libpurple0-dbgsym"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "pidgin"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "pidgin-data"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "pidgin-dbg"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "pidgin-dbgsym"
},
{
"binary_version": "1:2.10.9-0ubuntu3.3",
"binary_name": "pidgin-dev"
}
]
}
Ubuntu:16.04:LTS / pidgin
Package
- Name
- pidgin
- Purl
- pkg:deb/ubuntu/pidgin@1:2.10.12-0ubuntu5.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:2.10.12-0ubuntu5.1
Affected versions
1:2.*
1:2.10.11-0ubuntu4
1:2.10.11-0ubuntu5
1:2.10.12-0ubuntu1
1:2.10.12-0ubuntu2
1:2.10.12-0ubuntu3
1:2.10.12-0ubuntu4
1:2.10.12-0ubuntu5
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "finch"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "finch-dbgsym"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "finch-dev"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "libpurple-bin"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "libpurple-dev"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "libpurple-dev-dbgsym"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "libpurple0"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "libpurple0-dbgsym"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "pidgin"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "pidgin-data"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "pidgin-dbg"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "pidgin-dbgsym"
},
{
"binary_version": "1:2.10.12-0ubuntu5.1",
"binary_name": "pidgin-dev"
}
]
}