Memory Truncation Vulnerability in Jabber Open Source Server 2.3.2 and Earlier

Memory Truncation Vulnerability in Jabber Open Source Server 2.3.2 and Earlier

CVE-2015-2058 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.

Learn more about our Cis Benchmark Audit For Server Software.