| Summary | Pidgin MXIT Avatar Length Memory Disclosure Vulnerability |
|---|---|
| Date | 2016-06-21 |
| CVE Number | CVE-2016-2367 |
| Talos Report ID | TALOS-2016-0135 |
| Discovered By | Yves Younan of Cisco Talos |
| Fixed In Release | 2.11.0 |
A malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file.
Various changes to the chunk decoding.