18 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the...
SUSE CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
GHSA-C35G-JR5F-H83P SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
Poezio/SleekXMPP/Slixmpp User Emulation Vulnerability
XMPP is Extensible Messaging and Presence Protocol, a set of open technologies for instant messaging, multi-party chat, voice and video calls. A user emulation vulnerability exists in Poezio/SleekXMPP/Slixmpp. An attacker can exploit this vulnerability to emulate arbitrary users, leading to furth...
XMPP Clients User Impersonation Vulnerability
Exploit for multiple platform in category local exploits Multiple XMPP Clients User Impersonation Vulnerability Summary ------- An incorrect implementation of XEP-0280: Message Carbons0 in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerabl...
Design/Logic Flaw
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
PYSEC-2017-104
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
DEBIAN-CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
UBUNTU-CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
PYSEC-2017-103
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
Technical details about CVE-2017-5591 are not publicly provided in the supplied documents. Monitor for updates from vendor advisories and security bulletins.
PT-2017-16594 · Slixmpp +5 · Slixmpp +6
Name of the Vulnerable Software and Affected Versions: yaxim and Bruno versions 0.8.6 through 0.8.8 SleekXMPP versions up to 1.3.1 Slixmpp versions up to 1.2.3 poezio versions 0.8 through 0.10 Movim versions 0.8 through 0.10 converse.js versions prior to 1.0.7 for 1.x or 2.0.5 for 2.x Description...