PT-2014-2803 · Gnu+2 · Libgadu+2

Ratul Gupta

·

Published

2014-07-31

·

Updated

2023-02-13

·

CVE-2013-4488

CVSS v2.0

4.3

Medium

VectorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions libgadu versions prior to 1.12.0
Description The issue allows man-in-the-middle attackers to spoof servers by not verifying X.509 certificates from SSL servers.
Recommendations For versions prior to 1.12.0, update to version 1.12.0 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

ALT-PU-2014-1968
CVE-2013-4488
MGASA-2014-0375

Affected Products

Alt Linux
Debian
Libgadu