Apache Foundation · Apache James · CVE-2004-2650
**Name of the Vulnerable Software and Affected Versions**
Apache Foundation James versions prior to 2.2.0
**Description**
The issue allows local users to cause a denial of service due to memory consumption. This is achieved by triggering various error conditions in the `retrieve` function, which prevents a lock from being released and causes a memory leak.
**Recommendations**
For versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Spooler component to minimize the risk of exploitation.