CVE-2007-4980

Name of the Vulnerable Software and Affected Versions GCALDaemon version 1.0-beta13

Description The issue allows remote attackers to cause a denial of service by sending a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError. This occurs due to a flaw in the readRequest method in org/gcaldaemon/core/http/HTTPListener.java.

Recommendations For GCALDaemon version 1.0-beta13, as a temporary workaround, consider restricting access to the readRequest method in HTTPListener.java to minimize the risk of exploitation. Additionally, avoid using large integer values in the Content-Length HTTP header until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.