Vulnerabilities

CVE-2011-2206

by Fred · 22/06/2011

XMLParser.pm in DJabberd before 0.85 allows remote authenticated users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference, a different vulnerability than CVE-2011-1757.

Date published : 2011-06-22

https://github.com/djabberd/DJabberd/commit/b41d6dc247a175fe8e092d6ec2c460826fa62992

https://raw.github.com/djabberd/DJabberd/master/CHANGES

Similar

Tags: Cybersecurity Alert