3 matches found
openSUSE Security Update : profanity (openSUSE-2017-285)
This update for profanity fixes the following issues : Changes in profanity : - CVE-2017-5592: The incorrect message carbons implementation that could allow user impersonification was fixed boo1024696 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
CVE-2017-5592
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for profanity 0.4.7 - 0.5.0...
CVE-2017-5592
Technical details for CVE-2017-5592 are not publicly available in the provided documents. Monitor for updates from Vulners/EUVD sources.