CVE-2008-1728

Ignite Realtime Openfire allows remote authenticated users to cause a denial of service in maven/org.igniterealtime.openfire/parent

Identifiers

GHSA-x337-43mr-gg3h, CVE-2008-1728

Package Slug

maven/org.igniterealtime.openfire/parent

Vulnerability

Ignite Realtime Openfire allows remote authenticated users to cause a denial of service

Description

ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.

Affected Versions

All versions before 3.5.0

Solution

Upgrade to version 3.5.0 or above.

Last Modified

2024-02-19

source