Описание
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Satellite 5 | jabberd | Will not fix | ||
| Red Hat Satellite Proxy 5.2 | jabberd | Will not fix | ||
| Red Hat Satellite Proxy 5.3 | jabberd | Will not fix | ||
| Red Hat Satellite Proxy 5.4 | jabberd | Will not fix | ||
| Red Hat Satellite Proxy 5.5 | jabberd | Will not fix | ||
| Red Hat Satellite Proxy 5.6 | jabberd | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
2.1 Low
CVSS2
Связанные уязвимости
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates dat ...
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
EPSS
2.1 Low
CVSS2