CVE-2012-3935

Cisco Unified Presence < 8.6(3) - Denial of Service via Crafted XMPP Stream Header

Title source: llm
STIX 2.1

Description

Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78457
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027520
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/85421
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/50562

Scores

EPSS 0.0277
EPSS Percentile 84.7%

Details

CWE
CWE-119
Status published
Products (33)
cisco/jabber_extensible_communications_platform < 5.2
cisco/unified_presence 1.0
cisco/unified_presence 6.0
cisco/unified_presence 6.0\(1\)
cisco/unified_presence 6.0\(2\)
cisco/unified_presence 6.0\(3\)
cisco/unified_presence 6.0\(4\)
cisco/unified_presence 6.0\(5\)
cisco/unified_presence 6.0\(6\)
cisco/unified_presence 6.0\(7\)
... and 23 more
Published Sep 12, 2012
Tracked Since Feb 18, 2026