Details
Description
Fetching the URL
http://localhost:8080/auctionMonitor/auctionMonitor.jspx
causes extremely hight CPU consumption, possibly until the maximum stack depth is reached.
This could be used as a denial of service attack. Other DOS attacks on ICEfaces are possible, but this one is particularly inexpensive for the attacker because a single HTTP request causes significant CPU load.
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |
Assignee Priority | P2 | |
Assignee | Mircea Toma [ mircea.toma ] |
Ken Fyten
made changes -
Priority | Critical [ 2 ] | Major [ 3 ] |
Ken Fyten
made changes -
Security | Private [ 10001 ] |
Mircea Toma
made changes -
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Fixed [ 1 ] |
Ken Fyten
made changes -
Fix Version/s | 1.7.1 [ 10122 ] | |
Assignee Priority | P2 | |
Assignee | Ken Fyten [ ken.fyten ] | Mircea Toma [ mircea.toma ] |
Priority | Major [ 3 ] | Critical [ 2 ] |
Ted Goddard
made changes -
Field | Original Value | New Value |
---|---|---|
Assignee | Ken Fyten [ ken.fyten ] |
Ted Goddard
created issue -