Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2011-1755

Published: 21/06/2011 Updated: 02/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Jabberd2

Vulnerability Summary

jabberd2 prior to 2.2.14 does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jabberd2 jabberd2

fedoraproject fedora 13

fedoraproject fedora 15

fedoraproject fedora 14

apple mac os x server

apple mac os x

Vendor Advisories

Debian CVElist Bug Report Logs: jabberd2: CVE-2012-3525
Debian Bug report logs - #685666 jabberd2: CVE-2012-3525 Package: jabberd2; Maintainer for jabberd2 is Debian XMPP Maintainers <pkg-xmpp-devel@listsaliothdebianorg>; Source for jabberd2 is src:jabberd2 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 23 Aug 2012 07:51:02 UTC Sever ...

References

CWE-776http://secunia.com/advisories/44787http://codex.xiaoka.com/svn/jabberd2/tags/jabberd-2.2.14/ChangeLoghttps://bugzilla.redhat.com/show_bug.cgi?id=700390http://www.securityfocus.com/bid/48250http://www.redhat.com/support/errata/RHSA-2011-0882.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-June/061482.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-June/061341.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0881.htmlhttp://secunia.com/advisories/44957https://hermes.opensuse.org/messages/9197650http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061458.htmlhttp://secunia.com/advisories/45112http://support.apple.com/kb/HT5002http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/67770http://www.mail-archive.com/jabberd2%40lists.xiaoka.com/msg01655.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685666https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460CVE-2024-4646CVE-2024-29212IMAPCVE-2023-36672CVE-2024-34547command injectionCVE-2024-4651stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook