icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Gaim < 0.59 Web Mail Account Information Disclosure

Low

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote host appears to be running Gaim, a popular open-source multi-protocol instant messenger. It is reported that this version of Gaim is prone to an information disclosure issue. If the user configures Gaim to check a web mail account, the program may create two world readable files in /tmp during the operation that contain sensitive information about the account.

Solution

Upgrade to version 0.59 or higher.