XSS Vulnerability in Adium Theme of Empathy by GNOME
CVE-2011-3635

Currently unrated

Key Information:

Vendor: Gnome
Status: Empathy
Vendor: CVE Published:; 23 October 2011

What is CVE-2011-3635?

A security flaw exists in the Adium theme's message handling function, which permits remote attackers to inject arbitrary web scripts or HTML code via a specially crafted alias (nickname). This vulnerability impacts Empathy versions 3.2.1 and earlier, allowing an attacker to exploit this weakness potentially leading to unauthorized data access or manipulation.

References

http://secunia.com/advisories/46510

third-party-advisoryx_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=747599

x_refsource_CONFIRM

http://www.securityfocus.com/bid/50323

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 23, 2011
Vulnerability Reserved
Sep 21, 2011

JSON

Gnome

What is CVE-2011-3635?

References

Timeline