Vulnerabilities > Cisco > Jabber
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-24 | CVE-2015-4218 | Information Exposure vulnerability in Cisco Jabber The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858. | 5.0 |
| 2014-01-16 | CVE-2014-0666 | Path Traversal vulnerability in Cisco Jabber Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056. | 4.3 |
| 2013-09-06 | CVE-2013-1228 | Cryptographic Issues vulnerability in Cisco Jabber Cisco Jabber on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify the client-server data stream via a crafted certificate, aka Bug ID CSCug30280. | 4.3 |
| 2013-06-26 | CVE-2013-3393 | Improper Input Validation vulnerability in Cisco Jabber and Virtualization Experience Media Engine The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117. | 5.0 |