CVE-2016-10673

Name of the Vulnerable Software and Affected Versions ipip-coffee (affected versions not specified)

Description The issue affects the integrity and availability of geolocation data used by applications. It occurs because ipip-coffee downloads geolocation resources over HTTP, making it susceptible to Man-In-The-Middle (MITM) attacks. In such attacks, an adversary with a privileged network position can modify or read the resources at will, impacting the data's integrity and availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a mitigation measure, consider avoiding the use of this package and opt for a different package if available. Alternatively, reduce the risk of exploitation by ensuring this package is not installed while connected to a public network.