Astra Linux - уязвимость в thunderbird

When loading the shared library that provides the OTR protocol implementation, Thunderbird initially attempts to open it using a filename that is not distributed by Thunderbird. If a computer has already been infected with a malicious library from the alternative filename, and the malicious libra...

EUVD-2012-2360

Malware in sbrugna...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

thunderbird: Crash when aborting verification of OTR chat

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash...

SUSE CVE-2015-8833

Use-after-free vulnerability in the createsmpdialog function in gtk-dialog.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item...

SUSE CVE-2016-10376

Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...

Mozilla: Thunderbird might execute an alternative OTR library

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

Mozilla: Thunderbird might execute an alternative OTR library

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

Mozilla: Thunderbird might execute an alternative OTR library

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

GLSA-201707-14 : Gajim: Information disclosure

The remote host is affected by the vulnerability described in GLSA-201707-14 Gajim: Information disclosure Gajim unconditionally implements the XEP-0146: Remote Controlling Clients extension. Impact : Remote attackers, by enticing a user to connect to a malicious XMPP server, could extract...

libotr, Pidgin OTR: Remote execution of arbitrary code

Background Pidgin Off-the-Record OTR messaging allows you to have private conversations over instant messaging. libotr is a portable off-the-record messaging library. Description Multiple vulnerabilities exist in both libotr and Pidgin OTR. Please review the CVE identifiers for more information...

Design/Logic Flaw

Use-after-free vulnerability in the createsmpdialog function in gtk-dialog.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item...

UBUNTU-CVE-2015-8833

Use-after-free vulnerability in the createsmpdialog function in gtk-dialog.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item...

KLA10781 Code execution vulnerability in pidgin-otr plugin.

Use-after-free vulnerability was found in Off-the-Record Messaging OTR pidgin-otr plugin. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via vectors related to the “Authenticate buddy” menu item. Technical details This...

CVE-2015-8833

Use-after-free vulnerability in the createsmpdialog function in gtk-dialog.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item...