CVE-2015-8688
N/A
N/A
Summary
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00027.html
- http://www.debian.org/security/2016/dsa-3492
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175503.html
- https://hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLog
- http://gultsch.de/gajim_roster_push_and_message_interception.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175526.html
References
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00027.html
- http://www.debian.org/security/2016/dsa-3492
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175503.html
- https://hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLog
- http://gultsch.de/gajim_roster_push_and_message_interception.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175526.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.