Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2017/07/10 12:0 a.m.22 views

GLSA-201707-14 : Gajim: Information disclosure

The remote host is affected by the vulnerability described in GLSA-201707-14 Gajim: Information disclosure Gajim unconditionally implements the XEP-0146: Remote Controlling Clients extension. Impact : Remote attackers, by enticing a user to connect to a malicious XMPP server, could extract...

4.5CVSS5.1AI score0.01153EPSS
Exploits0References2
OSV
OSV
added 2017/06/10 7:1 a.m.8 views

MGASA-2017-0166 Updated gajim packages fix security vulnerability

Gajim unconditionally implements the "XEP-0146: Remote Controlling Clients" extension, which may be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions CVE-2016-10376...

4.5CVSS4.7AI score0.01153EPSS
Exploits0References3
Prion
Prion
added 2017/05/28 12:29 a.m.13 views

Code injection

Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...

3.5CVSS7AI score0.01153EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/05/28 12:29 a.m.3 views

DEBIAN-CVE-2016-10376

Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...

4.5CVSS4.7AI score0.01153EPSS
Exploits0References1
CVE
CVE
added 2017/05/28 12:0 a.m.59 views

CVE-2016-10376

Gajim (XMPP client) up to version 0.16.7 unconditionally implements XEP-0146: Remote Controlling Clients, allowing a malicious XMPP server to trigger actions and potentially leak plaintext from OTR sessions. Public advisories (Debian, Gentoo, Fedora) note this behavior and provide patches/mitigat...

4.5CVSS4.6AI score0.01153EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2017/05/28 12:0 a.m.29 views

CVE-2016-10376

Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...

4.6AI score0.01153EPSS
Exploits0References6
Rows per page
Query Builder