CVE-2014-2741 in Openfireالمعلومات

الملخص

بحسب MITRE

nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

حجز

08/04/2014

إفشاء

10/04/2014

الاعتدال

تمت الموافقة

إدخال

VDB-66929

EPSS

0.03774

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!