Multiple unspecified vulnerabilities in BitlBee prior to 1.2.3 allow remote malicious users to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitlbee bitlbee |
||
fedoraproject fedora 8 |