CVE-2011-1000

Telepathy Gabble 0.8-0.10.5 and 0.11-0.11.7 - Remote Audio and Video Call Interception via Crafted JingleInfo Stanza

Title source: llm
STIX 2.1

Description

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.

References (22)

Core 22
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0901
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43316
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/44023
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65523
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0537
Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/02/17/4
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1067-1
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054324.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43369
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054575.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43485
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/7848248
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054409.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0572
Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/02/17/7
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2169
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0428
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43545
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46440
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0412
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43404

Scores

EPSS 0.0290
EPSS Percentile 85.3%

Details

CWE
CWE-20
Status published
Products (27)
freedesktop/telepathy_gabble 0.11
freedesktop/telepathy_gabble 0.11.1
freedesktop/telepathy_gabble 0.11.2
freedesktop/telepathy_gabble 0.11.3
freedesktop/telepathy_gabble 0.11.4
freedesktop/telepathy_gabble 0.11.5
freedesktop/telepathy_gabble 0.11.6
freedesktop/telepathy_gabble 0.10
freedesktop/telepathy_gabble 0.10.1
freedesktop/telepathy_gabble 0.10.2
... and 17 more
Published Feb 19, 2011
Tracked Since Feb 18, 2026