11 matches found
zom-bot.com Cross Site Scripting vulnerability OBB-2765250
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ChatSecure and Zom User Emulation Vulnerabilities
ChatSecure is an open source program that provides secure communication channels for XMPP (Google Instant Messenger, Jabber, etc.) or Oscar (AIM) to ensure encrypted chat services. Zom is a free and open source software with privacy features to help you stay connected wherever you are. A user...
XMPP Clients User Impersonation Vulnerability
Exploit for multiple platform in category local exploits. Multiple XMPP Clients User Impersonation Vulnerability. Summary: An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerabl...
CVE-2017-5590
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for ChatSecure 3.2.0 - 4.0.0;...
CVE-2017-5590
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for ChatSecure 3.2.0 - 4.0.0;...
Design/Logic Flaw
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for ChatSecure 3.2.0 - 4.0.0;...
CVE-2017-5590
The CVE-2017-5590 entry concerns an incorrect implementation of XEP-0280 (Message Carbons) in ChatSecure for iOS (3.2.0–4.0.0) and Zom for iOS (all versions up to 1.0.11). The root cause is the flawed handling of message carbons that allows a remote attacker to impersonate any user, including con...
CVE-2017-5590
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for ChatSecure 3.2.0 - 4.0.0;...
BTD Studio Zom-Mail 1.0.9 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/761/info In certain versions of the BTD Zom-Mail server there exists a buffer overflow which may be remotely exploitable by malicious users. The problem in question is in the handling of overly (past 256 chars) long file...
BTD Studio Zom-Mail 1.0.9 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/761/info In certain versions of the BTD Zom-Mail server there exists a buffer overflow which may be remotely exploitable by malicious users. The problem in question is in the handling of overly past 25...
BTD Studio Zom-Mail 1.0.9 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/761/info In certain versions of the BTD Zom-Mail server there exists a buffer overflow which may be remotely exploitable by malicious users. The problem in question is in the handling of overly (past 256 chars) long file names for file attachments...