Vulnerability: Denial of service in Cisco Unified Presence and Cisco Jabber XCP
CVE ID: CVE-2012-3935
Impact: Denial of service
– Cisco Jabber Extensible Communications Platform (Jabber XCP) 5.x;
– Cisco Unified Presence 8.x.
Affected versions: Cisco Unified Presence version to 8.6 (3). Jabber XCP version to 5.3.
The vulnerability can be exploited to cause a DoS attack.
An error in the Extensible Messaging and Presence Protocol (XMPP) when processing headers of the incoming streams. A remote user can cause a DoS attack.
Manufacturer URL: http://www.cisco.com/en/US/products/ps10969/index.html
Solution: Install the latest version from the manufacturer.