Unrated severityNVD Advisory· Published Apr 30, 2014· Updated Jun 17, 2026
CVE-2014-0364
CVE-2014-0364
Description
The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify the from attribute of a roster-query IQ stanza, which allows remote attackers to spoof IQ responses via a crafted attribute.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <4.0.0-rc1
Patches
Vulnerability mechanics
References
6- community.igniterealtime.org/blogs/ignite/2014/04/17/asmack-400-rc1-has-been-releasednvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2015-1176.htmlnvdThird Party Advisory
- secunia.com/advisories/59290nvdThird Party Advisory
- secunia.com/advisories/59291nvdThird Party Advisory
- www.kb.cert.org/vuls/id/489228nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/67124nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.