Vulnerabilities > Canonical > Ubuntu Linux > 15.10

DATE CVE VULNERABILITY TITLE RISK
2017-01-06 CVE-2016-2372 Out-of-bounds Read vulnerability in multiple products
An information leak exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2371 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-787
8.1
8.1
2017-01-06 CVE-2016-2370 Out-of-bounds Read vulnerability in multiple products
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2369 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-476
5.9
5.9
2017-01-06 CVE-2016-2368 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
8.1
2017-01-06 CVE-2016-2367 Out-of-bounds Read vulnerability in multiple products
An information leak exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2366 Out-of-bounds Read vulnerability in multiple products
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2365 NULL Pointer Dereference vulnerability in multiple products
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-476
5.9
5.9
2016-09-20 CVE-2015-8934 Out-of-bounds Read vulnerability in multiple products
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
local
low complexity
suse canonical libarchive CWE-125
5.5
5.5
2016-09-20 CVE-2015-8933 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
local
low complexity
libarchive suse canonical CWE-190
5.5
5.5