Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-1753
Description:expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Test IDs: 1.3.6.1.4.1.25623.1.0.69897   1.3.6.1.4.1.25623.1.0.69955   1.3.6.1.4.1.25623.1.0.69901   1.3.6.1.4.1.25623.1.0.69997   1.3.6.1.4.1.25623.1.0.902527   1.3.6.1.4.1.25623.1.0.863317   1.3.6.1.4.1.25623.1.0.863314  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-1753
BugTraq ID: 48072
http://www.securityfocus.com/bid/48072
Debian Security Information: DSA-2248 (Google Search)
http://www.debian.org/security/2011/dsa-2248
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062099.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062145.html
http://secunia.com/advisories/44765
http://secunia.com/advisories/44807
http://secunia.com/advisories/45120
XForce ISS Database: ejabberd-xml-dos(67769)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67769




© 1998-2025 E-Soft Inc. All rights reserved.