Release date:
Updated on:
Affected Systems:
Ignite Realtime Smack 3.4.1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 67119
CVE (CAN) ID: CVE-2014-0363
Ignite Realtime Smack is an open-source XMPP client library for instant messaging and presentation.
Smack API 3.4.1 and other versions have multiple information leakage vulnerabilities. Attackers can exploit this vulnerability to obtain sensitive information.
<* Source: Ryan Sleevi
Link: http://www.kb.cert.org/vuls/id/489228
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Ignite Realtime
---------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://community.igniterealtime.org/blogs/ignite/2014/04/17/asmack-400-rc1-has-been-released
This article permanently updates the link address: