VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 8, 2014· Updated Apr 29, 2026

CVE-2012-5524

CVE-2012-5524

Description

The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA.

Affected products

45
  • Gajim/Gajim45 versions
    cpe:2.3:a:gajim:gajim:*:*:*:*:*:*:*:*+ 44 more
    • cpe:2.3:a:gajim:gajim:*:*:*:*:*:*:*:*range: <=0.15.2
    • cpe:2.3:a:gajim:gajim:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.11.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.11.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.11.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.5:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.12.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.13.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.13.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.13.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.14.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.14.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.14.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.14.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.15.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:gajim:gajim:0.9.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.