Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Processing Vulnerability
Last Update Date:
13 Sep 2012 10:16
Release Date:
13 Sep 2012
4908
Views
RISK: Medium Risk
TYPE: Clients - Im, Chat & Voip
A vulnerability has been identified in Cisco Unified Presence and Jabber Extensible Communications Platform. A remote user can cause denial of service conditions.
A remote user can send a specially crafted Extensible Messaging and Presence Protocol (XMPP) stream header to cause the target Connection Manager process to crash and restart.
Impact
- Denial of Service
System / Technologies affected
- Versions prior to 8.6(3)
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (8.6(3)).
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp
Vulnerability Identifier
Source
Related Link
Share with