5.8
CVE-2011-4129
- EPSS 0.38%
- Veröffentlicht 22.10.2012 23:55:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
(1) services/twitter/twitter-contact-view.c and (2) services/twitter/twitter-item-view.c in libsocialweb before 0.25.20 automatically connect to Twitter when no Twitter account is set, which might allow remote attackers to obtain sensitive information via a man-in-the-middle (MITM) attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gnome ≫ Libsocialweb Version <= 0.25.19
Gnome ≫ Libsocialweb Version0.25.0
Gnome ≫ Libsocialweb Version0.25.1
Gnome ≫ Libsocialweb Version0.25.2
Gnome ≫ Libsocialweb Version0.25.3
Gnome ≫ Libsocialweb Version0.25.4
Gnome ≫ Libsocialweb Version0.25.5
Gnome ≫ Libsocialweb Version0.25.6
Gnome ≫ Libsocialweb Version0.25.7
Gnome ≫ Libsocialweb Version0.25.8
Gnome ≫ Libsocialweb Version0.25.9
Gnome ≫ Libsocialweb Version0.25.10
Gnome ≫ Libsocialweb Version0.25.11
Gnome ≫ Libsocialweb Version0.25.12
Gnome ≫ Libsocialweb Version0.25.13
Gnome ≫ Libsocialweb Version0.25.14
Gnome ≫ Libsocialweb Version0.25.15
Gnome ≫ Libsocialweb Version0.25.16
Gnome ≫ Libsocialweb Version0.25.17
Gnome ≫ Libsocialweb Version0.25.18
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.564 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.