ICEfaces
  1. ICEfaces
  2. ICE-3043

dispatcher forwarding loop

          Details

          • Type: Bug Bug
          • Status: Closed
          • Priority: Major Major
          • Resolution: Fixed
          • Affects Version/s: 1.7
          • Fix Version/s: 1.7.1
          • Component/s: Framework
          • Labels:
            None
          • Environment:
            ICEfaces

            Description


            Fetching the URL

            http://localhost:8080/auctionMonitor/auctionMonitor.jspx

            causes extremely hight CPU consumption, possibly until the maximum stack depth is reached.

            This could be used as a denial of service attack. Other DOS attacks on ICEfaces are possible, but this one is particularly inexpensive for the attacker because a single HTTP request causes significant CPU load.


              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  Ted Goddard
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: