Security Advisory

CVE-2007-2975

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-06-01 01:00:00

Last updated 2024-08-07 13:57:54

Assigner mitre

State PUBLISHED

Description

The admin console in Ignite Realtime Openfire 3.3.0 and earlier (formerly Wildfire) does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the downloader.

← Browse all CVEs View on cve.org ↗