6 matches found
GLSA-201707-14 : Gajim: Information disclosure
The remote host is affected by the vulnerability described in GLSA-201707-14 Gajim: Information disclosure Gajim unconditionally implements the XEP-0146: Remote Controlling Clients extension. Impact : Remote attackers, by enticing a user to connect to a malicious XMPP server, could extract...
MGASA-2017-0166 Updated gajim packages fix security vulnerability
Gajim unconditionally implements the "XEP-0146: Remote Controlling Clients" extension, which may be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions CVE-2016-10376...
Code injection
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...
DEBIAN-CVE-2016-10376
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...
CVE-2016-10376
Gajim (XMPP client) up to version 0.16.7 unconditionally implements XEP-0146: Remote Controlling Clients, allowing a malicious XMPP server to trigger actions and potentially leak plaintext from OTR sessions. Public advisories (Debian, Gentoo, Fedora) note this behavior and provide patches/mitigat...
CVE-2016-10376
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...