Description
The XMPP protocol plugin failed to ensure that IQ replies came from the entity they were sent to. A remote user could send a spoofed IQ reply, attempting to guess the IQ id. This could allow an attacker to inject fake data or trigger a null pointer dereference.
Mitigation
Keep track of the 'to' address when sending an IQ stanza and make sure replies for a given stanza id come from the same address it was sent to.
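The following is an added illustration of that mitigation, not Pidgin's own code: a small tracker that records the destination JID of every outgoing IQ and accepts a result/error stanza only if its id is pending and its 'from' matches that destination. It also uses random IQ ids (so a spoofer cannot simply guess them) and, as an assumed policy, accepts server replies to unaddressed requests with no 'from', the server domain, or the user's own bare JID.

```python
"""Accept IQ replies only from the address the request was sent to."""
import secrets
import xml.etree.ElementTree as ET


class IqTracker:
    """Pending IQ registry: stanza id -> full JID the request was addressed to."""

    def __init__(self, own_bare_jid, server_domain):
        self.own_bare_jid = own_bare_jid
        self.server_domain = server_domain
        self.pending = {}

    def send_iq(self, to, iq_type="get"):
        """Build an outgoing IQ with an unguessable id and remember its destination.

        Returns (id, stanza_xml). A 'to' of None means the request goes to our own server.
        """
        iq_id = secrets.token_urlsafe(12)  # random id: a spoofer must guess this too
        self.pending[iq_id] = to
        to_attr = f' to="{to}"' if to else ""
        return iq_id, f'<iq xmlns="jabber:client" type="{iq_type}" id="{iq_id}"{to_attr}/>'

    def accept_reply(self, stanza_xml):
        """Return (accepted, reason) for an incoming stanza (constructed XML in the tests)."""
        iq = ET.fromstring(stanza_xml)
        if iq.tag.rpartition("}")[2] != "iq" or iq.get("type") not in ("result", "error"):
            return False, "not an IQ reply"
        iq_id = iq.get("id")
        if iq_id not in self.pending:
            return False, "unknown or already-consumed id"  # also blocks a second reply
        expected = self.pending[iq_id]
        sender = iq.get("from")
        if expected is None:
            # Assumed policy: a request without 'to' went to our server, whose reply may
            # carry no 'from', the server domain, or our own bare JID.
            ok = sender in (None, self.server_domain, self.own_bare_jid)
        else:
            ok = sender == expected  # exact full-JID match, resource included
        if not ok:
            return False, f"reply id={iq_id} from {sender!r}, expected {expected!r}"
        del self.pending[iq_id]  # consume the id so it cannot be reused
        return True, "ok"
```

A rejected reply is the signal to log: a mismatch between the recorded destination and the 'from' on a pending id is exactly the spoofing the advisory describes.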