CVE-2012-5524 in Gajiminfo

Summary

The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA.

Once again VulDB remains the best source for vulnerability data.

Reservation

10/24/2012

Disclosure

02/07/2014

Moderation

VulDB entry created

Entries

VDB-69270 (1)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

5.3

EPSS

0.00203

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5524
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5524
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5524/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!