7 matches found
Security Bulletin: Multiple vulnerabilities have been identified in Smack API shipped with IBM Tivoli Netcool Impact (CVE-2014-0363, CVE-2014-0364)
Summary Smack API is used by IBM Tivoli Netcool Impact as part of the Jabber service component. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2014-0363 DESCRIPTION: Ignite Realtime Smack API could allow a remote attacker to conduct spoofing attacks,...
Fedora 21 : smack-4.0.6-1.fc21 (2015-0046)
update to 4.0.6. fix CVE-2014-0364 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora Update for smack FEDORA-2015-0046
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.2 update
Red Hat JBoss BRMS 6.0.2, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...
Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.2 update
Red Hat JBoss BPM Suite 6.0.2, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
CVE-2014-0364
CVE-2014-0364 affects Ignite Realtime Smack XMPP API: the ParseRoster component does not verify the From attribute of a roster-query IQ stanza, enabling remote spoofing of IQ responses. Documented in multiple sources (NVD entry and vendor advisories) and corroborated by Red Hat and IBM security b...
Ignite Realtime Smack XMPP API contains multiple vulnerabilities
Overview Ignite Realtime's Smack XMPP API ServerTrustManger trusts unauthorized SSL certificates CWE-358 and IQ requests do not verify the from attribute allowing anyone to spoof IQ responses. CWE-345 Description CWE-358:Improperly Implemented Security Check for Standard- CVE-2014-0363 The...