9 matches found
EUVD-2017-14704
Malware in sbrugna...
XMPP Clients User Impersonation Vulnerability
Exploit for multiple platform in category local exploits Multiple XMPP Clients User Impersonation Vulnerability Summary ------- An incorrect implementation of XEP-0280: Message Carbons0 in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerabl...
Xabber User Simulation Vulnerability
Xabber for Android is an XMPP-based live chat OTR client for Android. A user emulation vulnerability exists in XMPP Xabber versions 1.0.30, 1.0.30 VIP and beta 1.0.3 through 1.0.74. Due to the program failing to implement 'XEP-0280: Message Carbons' correctly. A remote attacker can exploit this...
Design/Logic Flaw
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Xabber only if manually...
CVE-2017-5606
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Xabber only if manually...
CVE-2017-5606
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Xabber only if manually...
CVE-2017-5606
The CVE concerns Xabber on Android (1.0.30, 1.0.30 VIP, beta 1.0.3–1.0.74) with an incorrect implementation of XEP-0280: Message Carbons. The vulnerability enables a remote attacker to impersonate any user, including the attacker’s contacts, in the vulnerable app display, enabling social‑engineer...
CVE-2017-5606
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Xabber only if manually...
Xabber - Customized SSL, External URLs, KeyStore usage vulnerabilities
HackApp vulnerability scanner discovered that application Xabber published at the 'play' market has multiple vulnerabilities...