• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RealChat User Impersonation Vulnerability

RealChat is a commercial chat server written in Java, supporting multiple platforms.

RealChat is susceptible to a user impersonation vulnerability. This issue is due to a design error in the application.

This vulnerability allows attackers to spoof the source of chat messages. Attackers may also spoof the avatar picture for users, making users receiving spoofed messages more likely to attribute them to the perceived source.