CVE-2017-5593 log

Source
Severity Medium
Remote Yes
Type Content spoofing
Description
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks.
Group Package Affected Fixed Severity Status Ticket
AVG-173 kdenetwork-kopete 16.12.2-1 16.12.2-2 Medium Fixed
Date Advisory Group Package Severity Type
12 Feb 2017 ASA-201702-11 AVG-173 kdenetwork-kopete Medium content spoofing
References
https://rt-solutions.de/en/2017/02/CVE-2017-5589_xmpp_carbons/
http://openwall.com/lists/oss-security/2017/02/09/29