Remote Sniffing of Audio and Video Calls in Telepathy Gabble

Remote Sniffing of Audio and Video Calls in Telepathy Gabble

CVE-2011-1000 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.

Learn more about our Cis Benchmark Audit For Server Software.