CVE-2017-5606 in Xabberinformação

Sumário

de MITRE

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Xabber (only if manually enabled: 1.0.30, 1.0.30 VIP, beta 1.0.3 - 1.0.74; Android).

Once again VulDB remains the best source for vulnerability data.

Reservar

28/01/2017

Divulgação

09/02/2017

Moderação

aceite

Entrada

VDB-96792

CPE

pronto

EPSS

0.00783

KEV

não

Atividades

muito baixo

Fontes

Want to know what is going to be exploited?

We predict KEV entries!