CVE-2012-4672 Information

Description

Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

Reference

http://xmpp.org/resources/security-notices/server-dialback/ https://exchange.xforce.ibmcloud.com/vulnerabilities/78133