CVE-2015-2058

EPSS 0.56%

Published: 8/12/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2015-2058

Description

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.

Affected packages (1)

Debian/jabberd2from 0, < 2.3.3-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-2058