CVE-2004-2650

EPSS 0.07%

Apache James Denial of Service

Published: 4/29/2022Modified: 11/8/2023

Description

Spooler in Apache Foundation James before 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.

Affected packages (1)

Maven/org.apache.james:james-serverfrom 0, < 2.2.0

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2004-2650
WEBhttp://issues.apache.org/jira/browse/JAMES-268
WEBhttp://james.apache.org/changelog.html
WEBhttp://www.securityfocus.com/bid/15765