CVE-2011-1000

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.

• How can I get the fixes?
• What do statuses mean?
• Patch details

References

• MITRE
• NVD
• Launchpad
• Debian

Other references

• http://lists.freedesktop.org/archives/telepathy/2011-February/005272.html
• http://lists.freedesktop.org/archives/telepathy/2011-February/005273.html
• http://lists.freedesktop.org/archives/telepathy/2011-February/005274.html
• https://bugs.freedesktop.org/show_bug.cgi?id=34048
• https://www.cve.org/CVERecord?id=CVE-2011-1000