First published: Wed Nov 20 2019(Updated: )
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Pidgin Pidgin | =2.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2012-1257.
The severity of CVE-2012-1257 is medium (5.5).
Pidgin 2.10.0 is affected by CVE-2012-1257.
Local users can exploit CVE-2012-1257 by using a dbus session monitor to obtain sensitive information.
Yes, you can find references for CVE-2012-1257 at the following links: [http://developer.pidgin.im/ticket/14830](http://developer.pidgin.im/ticket/14830) and [http://pidgin.im/pipermail/devel/2011-December/010521.html](http://pidgin.im/pipermail/devel/2011-December/010521.html).