Erlang Solutions MongooseIM up to and including 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
erlang-solutions mongooseim 1.3.0 |
||
erlang-solutions mongooseim 1.2.1 |
||
erlang-solutions mongooseim |
||
erlang-solutions mongooseim 1.2.2 |
||
erlang-solutions mongooseim 1.3.1 |