VYPR

Xfire

by Xfire

CVEs (2)

  • CVE-2012-5817HigNov 4, 2012
    risk 0.48cvss 7.4epss 0.01

    Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…

  • CVE-2006-5391Oct 18, 2006
    risk 0.03cvss epss 0.03

    Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.