Loading...

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: None
Affects Version/s: None
Component/s: Video
Labels:
None

Symptom Severity:
Severity 1 - Critical

Description

The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing.

For additional details, please see the full advisory.

Affected Versions

This issue was introduced in version 4.0 of the Hipchat for Mac desktop client. Versions of Hipchat for Mac desktop client starting with 4.0 before 4.30 are affected by this vulnerability.

Fix

Hipchat for Mac desktop client version 4.30 is available to download from https://www.hipchat.com/downloads/latest/mac.

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...

relates to: SECENG-559 Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Robbie (Inactive)

Archiver:: Michael Andreacchio

Dates

Created:: 18/Sep/2017 8:21 PM

Updated:: 22/Nov/2017 5:56 PM

Resolved:: 21/Nov/2017 5:08 PM

Archived:: 16/Jun/2020 5:19 AM