CVE-2013-1799

Priority
Description
Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91,
does not properly validate SSL certificates when creating accounts for
providers who use the libsoup library, which allows man-in-the-middle
attackers to obtain sensitive information such as credentials by sniffing
the network. NOTE: this issue exists because of an incomplete fix for
CVE-2013-0240.
Assigned-to
mdeslaur
Notes
mdeslaurCVE-2013-1799 is a result of an incomplete fix for CVE-2013-0240
Package
Upstream:released (3.4.2-2,3.6.3)
More Information

Updated: 2019-12-05 21:03:28 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)