CVE-2004-1378
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
21/09/2004
Last modified:
03/04/2025
Description
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:jabberstudio:jabberd:1.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jabberd:1.4.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jabberd:1.4.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jabberd:1.4.2a:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jabberd:1.4.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jadc2s:0.6:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jadc2s:0.7:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jadc2s:0.8:*:*:*:*:*:*:* | ||
cpe:2.3:a:jabberstudio:jadc2s:0.9:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://devel.amessage.info/jabberd14/
- http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html
- http://marc.info/?l=bugtraq&m=109583829122679&w=2
- http://secunia.com/advisories/12636
- http://securitytracker.com/id?1011383=
- http://securitytracker.com/id?1011384=
- http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml
- http://www.osvdb.org/10257
- http://www.securityfocus.com/bid/11231
- http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17466
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17467
- http://devel.amessage.info/jabberd14/
- http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html
- http://marc.info/?l=bugtraq&m=109583829122679&w=2
- http://secunia.com/advisories/12636
- http://securitytracker.com/id?1011383=
- http://securitytracker.com/id?1011384=
- http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml
- http://www.osvdb.org/10257
- http://www.securityfocus.com/bid/11231
- http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17466
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17467