ALT-PU-2016-1022-1
Closed vulnerabilities
Published: 2016-01-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8688
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
Severity: MEDIUM (5.4)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References:
- http://gultsch.de/gajim_roster_push_and_message_interception.html
- http://gultsch.de/gajim_roster_push_and_message_interception.html
- FEDORA-2016-c82e5c322c
- FEDORA-2016-c82e5c322c
- FEDORA-2016-838200213e
- FEDORA-2016-838200213e
- openSUSE-SU-2016:0102
- openSUSE-SU-2016:0102
- DSA-3492
- DSA-3492
- https://hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLog
- https://hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLog