CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-1757

DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.8%

CVSS Severity

CVSS v2 Score 5.0

References

http://groups.google.com/group/djabberd/msg/e3b250f3c1877ede?dmode=source
http://groups.google.com/group/djabberd/msg/e3b250f3c1877ede?dmode=source

Products affected by CVE-2011-1757

Brad Fitzpatrick » Djabberd » Version: Any

cpe:2.3:a:brad_fitzpatrick:djabberd:*
Brad Fitzpatrick » Djabberd » Version: 0.80

cpe:2.3:a:brad_fitzpatrick:djabberd:0.80
Brad Fitzpatrick » Djabberd » Version: 0.81

cpe:2.3:a:brad_fitzpatrick:djabberd:0.81
Brad Fitzpatrick » Djabberd » Version: 0.82

cpe:2.3:a:brad_fitzpatrick:djabberd:0.82
Brad Fitzpatrick » Djabberd » Version: 0.83

cpe:2.3:a:brad_fitzpatrick:djabberd:0.83

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1757

Products

Pricing

Contact Us