CVE-2009-5005

Name of the Vulnerable Software and Affected Versions Apache Qpid versions prior to 1.3

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash and cluster outage, via invalid AMQP data. This is due to a problem in the Cluster::deliveredEvent function in cluster/Cluster.cpp.

Recommendations For versions prior to 1.3, update to version 1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Cluster::deliveredEvent function to minimize the risk of exploitation.