Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Software | From | Fixed in |
---|---|---|
fedoraproject / fedora | 8 | 8.x |
bitlbee / bitlbee | - | 1.2.3 |