Security Flaw in Gnome Online Accounts by GNOME
CVE-2013-1799

Currently unrated

Key Information:

Vendor
Gnome
Status
Gnome Online Accounts
Vendor
CVE Published:
2 April 2013

Summary

A vulnerability in Gnome Online Accounts prior to version 3.6.3 and 3.7.91 fails to adequately validate SSL certificates. This flaw can potentially enable man-in-the-middle attackers to intercept network traffic and capture sensitive information, including user credentials. The issue arises from an incomplete fix for a previous vulnerability, emphasizing the importance of regular updates and security assessments.

References

https://mail.gnome.org/archives/gnome-announce-list/2013-...
mailing-listx_refsource_MLIST
https://git.gnome.org/browse/gnome-online-accounts/commit...
x_refsource_CONFIRM
http://secunia.com/advisories/51976
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2013-1799 : Security Flaw in Gnome Online Accounts by GNOME | SecurityVulnerability.io