Lucene search
PRIOn knowledge basePRION:CVE-2013-7449HistoryApr 21, 2016 - 2:59 p.m.
Design/Logic Flaw
2016-04-2114:59:00
PRIOn knowledge base
www.prio-n.com
2
The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 12.04 | |
| ubuntu_linux | eq | 15.10 | |
| ubuntu_linux | eq | 14.04 | |
| hexchat | le | 2.10.1 |
Related
cve
cve
CVE-2013-7449
2016-04-21 14:59:00
nessus
nessus
RHEL 7 : xchat (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : xchat (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : xchat (Unpatched Vulnerability)
2024-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2013-7449
2016-04-21 00:00:00
cvelist
cvelist
CVE-2013-7449
2016-04-21 14:00:00
nvd
nvd
CVE-2013-7449
2016-04-21 14:59:00
debiancve
debiancve
CVE-2013-7449
2016-04-21 14:59:00