CVE-2011-4129: Infoleak
First published: Tue Nov 08 2011(Updated: )
(1) services/twitter/twitter-contact-view.c and (2) services/twitter/twitter-item-view.c in libsocialweb before 0.25.20 automatically connect to Twitter when no Twitter account is set, which might allow remote attackers to obtain sensitive information via a man-in-the-middle (MITM) attack.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gnome Libsocialweb | =0.25.18 | |
| Gnome Libsocialweb | =0.25.12 | |
| Gnome Libsocialweb | =0.25.15 | |
| Gnome Libsocialweb | =0.25.3 | |
| Gnome Libsocialweb | =0.25.0 | |
| Gnome Libsocialweb | =0.25.11 | |
| Gnome Libsocialweb | =0.25.17 | |
| Gnome Libsocialweb | <=0.25.19 | |
| Gnome Libsocialweb | =0.25.16 | |
| Gnome Libsocialweb | =0.25.6 | |
| Gnome Libsocialweb | =0.25.7 | |
| Gnome Libsocialweb | =0.25.1 | |
| Gnome Libsocialweb | =0.25.14 | |
| Gnome Libsocialweb | =0.25.4 | |
| Gnome Libsocialweb | =0.25.8 | |
| Gnome Libsocialweb | =0.25.10 | |
| Gnome Libsocialweb | =0.25.9 | |
| Gnome Libsocialweb | =0.25.5 | |
| Gnome Libsocialweb | =0.25.13 | |
| Gnome Libsocialweb | =0.25.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.gnome.org/browse/libsocialweb/commit/?id=0086bfbfc07345438123a87957e0bc12226e2b94
- http://git.gnome.org/browse/libsocialweb/commit/?id=8982cf504cf3767761fe85d9558beab3d9da5bec
- http://www.openwall.com/lists/oss-security/2011/11/09/5
- https://bugzilla.redhat.com/show_bug.cgi?id=752022
- http://www.openwall.com/lists/oss-security/2011/11/09/3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=752022#c1
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=752459
- https://access.redhat.com/security/cve/CVE-2011-4129
- https://bugzilla.gnome.org/show_bug.cgi?id=663783
- http://ftp.gnome.org/pub/GNOME/sources/rest/0.7/rest-0.7.12.tar.xz
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=752022#c13
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-4129
- vendor/gnome
- canonical/gnome libsocialweb
- version/gnome libsocialweb/0.25.18
- version/gnome libsocialweb/0.25.12
- version/gnome libsocialweb/0.25.15
- version/gnome libsocialweb/0.25.3
- version/gnome libsocialweb/0.25.0
- version/gnome libsocialweb/0.25.11
- version/gnome libsocialweb/0.25.17
- version/gnome libsocialweb/0.25.19
- version/gnome libsocialweb/0.25.16
- version/gnome libsocialweb/0.25.6
- version/gnome libsocialweb/0.25.7
- version/gnome libsocialweb/0.25.1
- version/gnome libsocialweb/0.25.14
- version/gnome libsocialweb/0.25.4
- version/gnome libsocialweb/0.25.8
- version/gnome libsocialweb/0.25.10
- version/gnome libsocialweb/0.25.9
- version/gnome libsocialweb/0.25.5
- version/gnome libsocialweb/0.25.13
- version/gnome libsocialweb/0.25.2