Lucene search
GoogleOSV:DSA-2453-1HistoryApr 16, 2012 - 12:00 a.m.
gajim - several
2012-04-1600:00:00
Google
osv.dev
16
EPSS
0.012
Percentile
85.8%
Several vulnerabilities have been discovered in Gajim, a feature-rich
Jabber client. The Common Vulnerabilities and Exposures project
identifies the following problems:
- CVE-2012-1987
Gajim is not properly sanitizing input before passing it to shell
commands. An attacker can use this flaw to execute arbitrary code
on behalf of the victim if the user e.g. clicks on a specially crafted
URL in an instant message. - CVE-2012-2093
Gajim is using predictable temporary files in an insecure manner when
converting instant messages containing LaTeX to images. A local
attacker can use this flaw to conduct symlink attacks and overwrite
files the victim has write access to. - CVE-2012-2086
Gajim is not properly sanitizing input when logging conversations
which results in the possibility to conduct SQL injection attacks.
For the stable distribution (squeeze), this problem has been fixed in
version 0.13.4-3+squeeze3.
For the testing distribution (wheezy), this problem has been fixed in
version 0.15-1.
For the unstable distribution (sid), this problem has been fixed in
version 0.15-1.
We recommend that you upgrade your gajim packages.
References
Related
osv
osv
gajim - regression
2012-04-16 00:00:00
gajim-0.16.6-1.1 on GA media
2024-06-15 00:00:00
Puppet Denial of Service and Arbitrary File Write
2022-05-14 00:56:45
securityvulns
securityvulns
gajim jabber client multiple security vulnerabilities
2012-04-19 00:00:00
[SECURITY] [DSA 2453-1] gajim security update
2012-04-19 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2453-1)
2012-04-30 00:00:00
Debian: Security Advisory (DSA-2453-1)
2012-04-30 00:00:00
Debian Security Advisory DSA 2453-1 (gajim)
2012-04-30 00:00:00
nessus
nessus
Debian DSA-2453-1 : gajim - several vulnerabilities
2012-04-17 00:00:00
GLSA-201208-04 : Gajim: Multiple vulnerabilities
2012-08-15 00:00:00
Fedora 16 : gajim-0.15-2.fc16 (2012-6061)
2012-04-30 00:00:00
debian
debian
[SECURITY] [DSA 2453-1] gajim security update
2012-04-16 05:23:39
[SECURITY] [DSA 2453-2] gajim regression
2012-04-19 00:35:37
[SECURITY] [DSA 2451-1] puppet security update
2012-04-13 04:52:10
gentoo
gentoo
Gajim: Multiple vulnerabilities
2012-08-14 00:00:00
Puppet: Multiple vulnerabilities
2012-08-14 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: gajim-0.15-2.fc16
2012-04-27 05:54:36
[SECURITY] Fedora 15 Update: gajim-0.15-2.fc15
2012-04-27 05:53:57
[SECURITY] Fedora 17 Update: gajim-0.15-2.fc17
2012-04-26 20:09:47
ubuntucve
ubuntucve
nvd
nvd
prion
prion
Design/Logic Flaw
2012-05-18 22:55:00
Sql injection
2012-11-23 20:55:00
Design/Logic Flaw
2012-05-29 20:55:00
debiancve
debiancve
cvelist
cvelist
cve
cve
github
github
Puppet Denial of Service and Arbitrary File Write
2022-05-14 00:56:45
rubygems
rubygems
Puppet Denial of Service and Arbitrary File Write
2022-05-13 21:00:00
freebsd
freebsd
puppet -- Multiple Vulnerabilities
2012-03-26 00:00:00
ubuntu
ubuntu
Puppet vulnerabilities
2012-04-11 00:00:00