CVE-2008-3969

EPSS 0.81%

Published: 9/11/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-3969

Description

Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.

Affected packages (1)

Debian/bitlbeefrom 0, < 1.2.3-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-3969