Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3935

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2012-3935
Last Modified 25 Mar 2013 11:37:55
Published 12 Sep 2012 07:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3935

Summary

Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.

Vulnerable Systems

Application

  • Cisco Jabber Extensible Communications Platform 5.2

  • Cisco Unified Presence 1.0

  • Cisco Unified Presence 6.0

  • Cisco Unified Presence 6.0 1

  • Cisco Unified Presence 6.0 2

  • Cisco Unified Presence 6.0%281%29

  • Cisco Unified Presence 6.0%282%29

  • Cisco Unified Presence 6.0%283%29

  • Cisco Unified Presence 6.0%284%29

  • Cisco Unified Presence 6.0%285%29

  • Cisco Unified Presence 6.0%286%29

  • Cisco Unified Presence 6.0%287%29

  • Cisco Unified Presence 7.0

  • Cisco Unified Presence 7.0%281%29

  • Cisco Unified Presence 7.0%282%29

  • Cisco Unified Presence 7.0%283%29

  • Cisco Unified Presence 7.0%284%29

  • Cisco Unified Presence 7.0%285%29

  • Cisco Unified Presence 7.0%286%29

  • Cisco Unified Presence 7.0%287%29

  • Cisco Unified Presence 7.0%288%29

  • Cisco Unified Presence 7.0%289%29

  • Cisco Unified Presence 8.0

  • Cisco Unified Presence 8.0%281%29

  • Cisco Unified Presence 8.0%282%29

  • Cisco Unified Presence 8.0%283%29

  • Cisco Unified Presence 8.0%284%29

  • Cisco Unified Presence 8.5

  • Cisco Unified Presence 8.5%281%29

  • Cisco Unified Presence 8.5%282%29

  • Cisco Unified Presence 8.5%283%29

  • Cisco Unified Presence 8.6%281%29

  • Cisco Unified Presence 8.6%282%29


References

CONFIRM - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp

SECTRACK - 1027520

XF - cisco-presence-jabber-dos(78457)

SECUNIA - 50562

OSVDB - 85421

CISCO - 20120912 Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability


Last Updated: 27 May 2016 11:00:41