Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4672

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-4672
Last Modified 04 Apr 2013 11:13:36
Published 25 Aug 2012 12:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4672

Summary

Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

Vulnerable Systems

Application

  • Apple Ichat Server


References

MISC - http://xmpp.org/resources/security-notices/server-dialback/

XF - ichat-xmpp-spoofing(78133)


Last Updated: 27 May 2016 11:00:20