CVE-2014-2741 in Openfireinformation

Résumé

par MITRE

nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

08/04/2014

Divulgation

10/04/2014

Modérer

accepté

Entrée

VDB-66929

CPE

prêt

EPSS

0.03774

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!