RSS   Vulnerabilities for 'M-link'   RSS

2014-04-10
 
CVE-2014-2742

CWE-264
 

 
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.

 
2012-08-25
 
CVE-2012-4669

 

 
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

 

 >>> Vendor: Isode 2 Products
M-vault server
M-link


Copyright 2024, cxsecurity.com

 

Back to Top