Isode M-Link prior to 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isode m-link 15.1 |
||
isode m-link 16.0 |
||
isode m-link 14.6 |
||
isode m-link 14.6.14 |
||
isode m-link 15.1.10 |