CVE-2012-3935
Cisco Unified Presence < 8.6(3) - Denial of Service via Crafted XMPP Stream Header
Title source: llmDescription
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78457
Various Sources vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027520
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/85421
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50562
Scores
EPSS
0.0277
EPSS Percentile
84.7%
Details
CWE
CWE-119
Status
published
Products (33)
cisco/jabber_extensible_communications_platform
< 5.2
cisco/unified_presence
1.0
cisco/unified_presence
6.0
cisco/unified_presence
6.0\(1\)
cisco/unified_presence
6.0\(2\)
cisco/unified_presence
6.0\(3\)
cisco/unified_presence
6.0\(4\)
cisco/unified_presence
6.0\(5\)
cisco/unified_presence
6.0\(6\)
cisco/unified_presence
6.0\(7\)
... and 23 more
Published
Sep 12, 2012
Tracked Since
Feb 18, 2026