Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4129

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2011-4129
Last Modified 15 Nov 2012 12:00:00
Published 22 Oct 2012 07:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4129

Summary

(1) services/twitter/twitter-contact-view.c and (2) services/twitter/twitter-item-view.c in libsocialweb before 0.25.20 automatically connect to Twitter when no Twitter account is set, which might allow remote attackers to obtain sensitive information via a man-in-the-middle (MITM) attack.

Vulnerable Systems

Application

  • Bastien Nocera Libsocialweb 0.25.7

  • Rob Bradford Libsocialweb 0.25.0

  • Rob Bradford Libsocialweb 0.25.11

  • Rob Bradford Libsocialweb 0.25.12

  • Rob Bradford Libsocialweb 0.25.14

  • Rob Bradford Libsocialweb 0.25.15

  • Rob Bradford Libsocialweb 0.25.16

  • Rob Bradford Libsocialweb 0.25.17

  • Rob Bradford Libsocialweb 0.25.18

  • Rob Bradford Libsocialweb 0.25.2

  • Rob Bradford Libsocialweb 0.25.3

  • Rob Bradford Libsocialweb 0.25.4

  • Rob Bradford Libsocialweb 0.25.6

  • Rob Bradford Libsocialweb 0.25.8

  • Rob Bradford Libsocialweb 0.25.9

  • Ross Burton Libsocialweb 0.25.1

  • Ross Burton Libsocialweb 0.25.10

  • Ross Burton Libsocialweb 0.25.13

  • Ross Burton Libsocialweb 0.25.19

  • Ross Burton Libsocialweb 0.25.5


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=752022

MLIST - [oss-security] 20111109 Re: CVE Request -- libsocialweb -- Untrusted connection opened to Twitter social service without user's approval upon service start via dbus

MLIST - [oss-security] 20111109 CVE Request -- libsocialweb -- Untrusted connection opened to Twitter social service without user's approval upon service start via dbus

CONFIRM - http://git.gnome.org/browse/libsocialweb/commit/?id=8982cf504cf3767761fe85d9558beab3d9da5bec

CONFIRM - http://git.gnome.org/browse/libsocialweb/commit/?id=0086bfbfc07345438123a87957e0bc12226e2b94


Last Updated: 27 May 2016 11:01:14