CVE-2013-1799 in Ubuntu

CVE-2013-1799

Priority

Description

Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91,
does not properly validate SSL certificates when creating accounts for
providers who use the libsoup library, which allows man-in-the-middle
attackers to obtain sensitive information such as credentials by sniffing
the network. NOTE: this issue exists because of an incomplete fix for
CVE-2013-0240.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1799
https://usn.ubuntu.com/usn/usn-1779-1

Assigned-to

mdeslaur

Notes

mdeslaur

CVE-2013-1799 is a result of an incomplete fix for CVE-2013-0240

Package

Source: gnome-online-accounts (LP Ubuntu Debian)

Upstream:

released (3.4.2-2,3.6.3)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-12-05 21:03:28 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)