CVE-2016-9928
Description
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd partys roster as another user, which will also garner associated privileges, via crafted XMPP packets.
Risk Information
Base Score
7.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
4.514
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| small Jabber (XMPP) console client (USN-4506-1) mcabber_0.10.2-1+deb8u1build0.16.04.1_i386.deb | Linux |
| small Jabber (XMPP) console client (USN-4506-1) mcabber_0.10.2-1+deb8u1build0.16.04.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234