Filtered by vendor Jabber
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-6393 | 2 Jabber, Psi-im | 2 Jabber Client, Psi | 2017-09-28 | 10.0 HIGH | N/A |
PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow. | |||||
CVE-2008-6936 | 1 Jabber | 1 Exodus | 2017-09-28 | 9.3 HIGH | N/A |
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in a pres:// URI, a different vector than CVE-2008-6935. | |||||
CVE-2011-1755 | 1 Jabber | 1 Jabberd2 | 2017-08-16 | 5.0 MEDIUM | N/A |
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | |||||
CVE-2008-6937 | 1 Jabber | 1 Exodus | 2017-08-16 | 10.0 HIGH | N/A |
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CVE-2008-6936. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |