fkie_cve-2012-3935
Vulnerability from fkie_nvd
Published
2012-09-12 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF489778-059A-4D9C-A892-3695BC0795BB",
"versionEndIncluding": "8.6\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53DFD5A1-33C9-45E5-B7B9-2B1FAA840ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B1A89-6A54-4BA7-9980-3EB46C650FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4EBA6C36-8B78-45DF-B73E-326F6C72B6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F7358448-71EA-49E7-BAAD-30B3F82C5A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D425ACC6-F347-4106-8E1C-B95E9D82C21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2EBDC5EE-18F6-4C98-B815-1E14351EAD1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "309E650A-7907-4E57-B571-4B072E62A1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10AD3A1E-D9A2-4B90-A09A-2596B09B2F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9122B9CF-CDB8-448E-B9E4-6613D4B401BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "36C86548-FAC6-49A3-9D3B-3107A7916086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0_2:*:*:*:*:*:*:*",
"matchCriteriaId": "49F5F5FC-E41A-46F2-B168-FDF48F56ACBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D88C06B5-BD50-4A43-9B51-5D3D91F691F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "194B6B31-58FD-42F9-BAAD-6D539D2DE445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61B1C092-C3D4-4BCF-8F16-27978150076A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01BD934F-DC42-43CF-8B69-1B98D2CE5787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94BB2FB8-F54D-42B0-B8D9-37253D8A7794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CE37DDB-11FC-41B5-A9CB-60825ED8EC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "325098C4-4AA0-43CF-A421-126D8BC05661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FA453950-82A8-4374-8655-B3C7662074AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "202EB97F-B4D4-4269-9FE6-E11A637C2C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C8B9CA0-3F44-4B5C-A8EE-BD8BC90FD076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7915D1A-5B9C-4D72-A6A8-C77BBDE40F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF088815-90E1-4A74-9EF2-BC3F0C8CFEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F1A6C5-5150-4080-AE51-36432DC293E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A5D87B2-E85D-4A28-9EFF-9408FDB35B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60A36A8C-4CDD-4251-82F5-083C5BA1132A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C7329B46-66E8-4429-8664-8DB94DBD3134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7320D823-9FCA-4624-8F94-FB2A6081BA87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26D3FA4B-E9A5-413B-B13D-61EE62AA0444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AACEEBD1-DB8B-457B-9E18-6BC1E8BD6B66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67F1CFA0-8D7C-4CA3-8E44-9B1BA94E8FB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:jabber_extensible_communications_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E13F0E-2877-4D62-B1B7-6A57BEA5E29F",
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832."
},
{
"lang": "es",
"value": "Cisco Unified Presence (CUP) antes de v8.6 (3) y Jabber Extensible Communications Platform (tambi\u00e9n conocido como Jabber XCP) antes de v5.3, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del proceso) a trav\u00e9s de una cabecera XMPP modificada, tambi\u00e9n conocido como Bug ID CSCtu32832."
}
],
"id": "CVE-2012-3935",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-12T23:55:00.807",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/85421"
},
{
"source": "psirt@cisco.com",
"url": "http://secunia.com/advisories/50562"
},
{
"source": "psirt@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id?1027520"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/85421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…