Vulnerability Description
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Presence | <= 8.6\(2\) |
| Cisco | Jabber Extensible Communications Platform | <= 5.2 |
Related Weaknesses (CWE)
References
- http://osvdb.org/85421
- http://secunia.com/advisories/50562
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20
- http://www.securitytracker.com/id?1027520
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78457
- http://osvdb.org/85421
- http://secunia.com/advisories/50562
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20
- http://www.securitytracker.com/id?1027520
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78457
FAQ
What is CVE-2012-3935?
CVE-2012-3935 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted X...
How severe is CVE-2012-3935?
CVE-2012-3935 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-3935?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Presence, Cisco Jabber Extensible Communications Platform.