Vulnerabilities

CVE-2007-2975

by Fred · 31/05/2007

The admin console in Ignite Realtime Openfire 3.3.0 and earlier (formerly Wildfire) does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the downloader.

Date published : 2007-05-31

http://www.securityfocus.com/bid/24205

http://www.igniterealtime.org/issues/browse/JM-1049

Related

Tags: Cybersecurity Alert