← Back

Mcabber

mcabber

Vendor: Mcabber • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-9928
3Canonical
DebianMcabber
3Debian Linux
McabberUbuntu Linux
Nov 21, 2024
Feb 6, 2020
N/A· v4
7.4 HIGH· v3
5.8 MEDIUM· v2
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associa...Show more
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.Show less
CVE-2017-5604
1Mcabber
1Mcabber
May 13, 2026
Feb 9, 2017
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various k...Show more
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4.Show less