5
CVE-2010-0305
- EPSS 1.88%
- Veröffentlicht 03.02.2010 19:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Loginejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a large number of c2s (aka client2server) messages that trigger a queue overload.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Process-one ≫ Ejabberd Version <= 2.1.2
Process-one ≫ Ejabberd Version0.9
Process-one ≫ Ejabberd Version0.9.1
Process-one ≫ Ejabberd Version0.9.8
Process-one ≫ Ejabberd Version1.0.0
Process-one ≫ Ejabberd Version1.1.0
Process-one ≫ Ejabberd Version1.1.1
Process-one ≫ Ejabberd Version1.1.1.0
Process-one ≫ Ejabberd Version1.1.1.1
Process-one ≫ Ejabberd Version1.1.2
Process-one ≫ Ejabberd Version1.1.3
Process-one ≫ Ejabberd Version1.1.14
Process-one ≫ Ejabberd Version2.0.0
Process-one ≫ Ejabberd Version2.0.0 Updatebeta1
Process-one ≫ Ejabberd Version2.0.0 Updaterc1
Process-one ≫ Ejabberd Version2.0.1_2
Process-one ≫ Ejabberd Version2.0.2
Process-one ≫ Ejabberd Version2.0.3
Process-one ≫ Ejabberd Version2.0.4
Process-one ≫ Ejabberd Version2.0.5
Process-one ≫ Ejabberd Version2.1.0
Process-one ≫ Ejabberd Version2.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.88% | 0.815 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.