Vulnerabilites related to apache - commons_fileupload
CVE-2013-0248 (GCVE-0-2013-0248)
Vulnerability from cvelistv5
Published
2013-03-15 01:00
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/58326 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=144050155601375&w=2 | vendor-advisory, x_refsource_HP | |
| http://archives.neohapsis.com/archives/bugtraq/2013-03/0035.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | x_refsource_CONFIRM | |
| http://www.osvdb.org/90906 | vdb-entry, x_refsource_OSVDB | |
| https://security.gentoo.org/glsa/202107-39 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:18:09.602Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "58326", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/58326", }, { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "20130306 [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0035.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "90906", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/90906", }, { name: "GLSA-202107-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202107-39", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-06T00:00:00", descriptions: [ { lang: "en", value: "The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-17T07:06:17", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "58326", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/58326", }, { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "20130306 [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0035.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "90906", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/90906", }, { name: "GLSA-202107-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202107-39", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-0248", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "58326", refsource: "BID", url: "http://www.securityfocus.com/bid/58326", }, { name: "HPSBMU03409", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "20130306 [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0035.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "90906", refsource: "OSVDB", url: "http://www.osvdb.org/90906", }, { name: "GLSA-202107-39", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202107-39", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0248", datePublished: "2013-03-15T01:00:00", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T14:18:09.602Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3092 (GCVE-0-2016-3092)
Vulnerability from cvelistv5
Published
2016-07-04 22:00
Modified
2024-08-05 23:40
Severity ?
EPSS score ?
Summary
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:40:15.604Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "JVNDB-2016-000121", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743480", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "GLSA-201705-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201705-09", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743738", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-9.html", }, { name: "USN-3024-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3024-1", }, { name: "RHSA-2016:2069", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2069.html", }, { name: "1037029", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037029", }, { name: "RHSA-2016:2068", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2068.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-7.html", }, { name: "1036900", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036900", }, { name: "91453", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-8.html", }, { name: "RHSA-2016:2072", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2072.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743722", }, { name: "DSA-3611", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3611", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", }, { name: "RHSA-2016:2807", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2807.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "openSUSE-SU-2016:2252", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { name: "JVN#89379547", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN89379547/index.html", }, { name: "1036427", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036427", }, { name: "RHSA-2016:2070", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2070.html", }, { name: "RHSA-2017:0457", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { name: "RHSA-2016:2808", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2808.html", }, { name: "1039606", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039606", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743742", }, { name: "RHSA-2016:2599", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2599.html", }, { name: "DSA-3609", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3609", }, { name: "RHSA-2017:0455", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { name: "DSA-3614", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3614", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E", }, { name: "RHSA-2017:0456", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", }, { name: "RHSA-2016:2071", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2071.html", }, { name: "USN-3027-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3027-1", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "GLSA-202107-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202107-39", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-21T00:00:00", descriptions: [ { lang: "en", value: "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-17T07:06:23", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "JVNDB-2016-000121", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743480", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "GLSA-201705-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201705-09", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743738", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-9.html", }, { name: "USN-3024-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3024-1", }, { name: "RHSA-2016:2069", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2069.html", }, { name: "1037029", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037029", }, { name: "RHSA-2016:2068", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2068.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-7.html", }, { name: "1036900", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036900", }, { name: "91453", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91453", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-8.html", }, { name: "RHSA-2016:2072", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2072.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743722", }, { name: "DSA-3611", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3611", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", }, { name: "RHSA-2016:2807", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2807.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "openSUSE-SU-2016:2252", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { name: "JVN#89379547", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN89379547/index.html", }, { name: "1036427", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036427", }, { name: "RHSA-2016:2070", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2070.html", }, { name: "RHSA-2017:0457", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { name: "RHSA-2016:2808", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2808.html", }, { name: "1039606", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039606", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743742", }, { name: "RHSA-2016:2599", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2599.html", }, { name: "DSA-3609", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3609", }, { name: "RHSA-2017:0455", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { name: "DSA-3614", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3614", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E", }, { name: "RHSA-2017:0456", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", }, { name: "RHSA-2016:2071", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2071.html", }, { name: "USN-3027-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3027-1", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "GLSA-202107-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202107-39", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-3092", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "JVNDB-2016-000121", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121", }, { name: "https://security.netapp.com/advisory/ntap-20190212-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1743480", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1743480", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "GLSA-201705-09", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201705-09", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1743738", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1743738", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", }, { name: "http://tomcat.apache.org/security-9.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-9.html", }, { name: "USN-3024-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3024-1", }, { name: "RHSA-2016:2069", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2069.html", }, { name: "1037029", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037029", }, { name: "RHSA-2016:2068", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2068.html", }, { name: "http://tomcat.apache.org/security-7.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-7.html", }, { name: "1036900", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036900", }, { name: "91453", refsource: "BID", url: "http://www.securityfocus.com/bid/91453", }, { name: "http://tomcat.apache.org/security-8.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-8.html", }, { name: "RHSA-2016:2072", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2072.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1743722", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1743722", }, { name: "DSA-3611", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3611", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", }, { name: "RHSA-2016:2807", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2807.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { name: "openSUSE-SU-2016:2252", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { name: "JVN#89379547", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN89379547/index.html", }, { name: "1036427", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036427", }, { name: "RHSA-2016:2070", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2070.html", }, { name: "RHSA-2017:0457", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { name: "RHSA-2016:2808", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2808.html", }, { name: "1039606", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039606", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1743742", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1743742", }, { name: "RHSA-2016:2599", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2599.html", }, { name: "DSA-3609", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3609", }, { name: "RHSA-2017:0455", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { name: "DSA-3614", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3614", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability", refsource: "MLIST", url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E", }, { name: "RHSA-2017:0456", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", }, { name: "RHSA-2016:2071", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2071.html", }, { name: "USN-3027-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3027-1", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuapr2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "GLSA-202107-39", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202107-39", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3092", datePublished: "2016-07-04T22:00:00", dateReserved: "2016-03-10T00:00:00", dateUpdated: "2024-08-05T23:40:15.604Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-1000031 (GCVE-0-2016-1000031)
Vulnerability from cvelistv5
Published
2016-10-25 14:00
Modified
2024-08-06 03:47
Severity ?
EPSS score ?
Summary
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:47:34.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "93604", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93604", }, { name: "[announce] 20181105 [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080%40%3Cannounce.apache.org%3E", }, { name: "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { name: "openSUSE-SU-2019:1399", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00036.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.apache.org/jira/browse/WW-4812", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.zerodayinitiative.com/advisories/ZDI-16-570/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/research/tra-2016-30", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/research/tra-2016-12", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.apache.org/jira/browse/FILEUPLOAD-279", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/research/tra-2016-23", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-04-20T00:00:00", descriptions: [ { lang: "en", value: "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-22T17:57:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "93604", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93604", }, { name: "[announce] 20181105 [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080%40%3Cannounce.apache.org%3E", }, { name: "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { name: "openSUSE-SU-2019:1399", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00036.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.apache.org/jira/browse/WW-4812", }, { tags: [ "x_refsource_MISC", ], url: "http://www.zerodayinitiative.com/advisories/ZDI-16-570/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/research/tra-2016-30", }, { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/research/tra-2016-12", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.apache.org/jira/browse/FILEUPLOAD-279", }, { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/research/tra-2016-23", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-1000031", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "93604", refsource: "BID", url: "http://www.securityfocus.com/bid/93604", }, { name: "[announce] 20181105 [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior", refsource: "MLIST", url: "https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080@%3Cannounce.apache.org%3E", }, { name: "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", refsource: "MLIST", url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", }, { name: "openSUSE-SU-2019:1399", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00036.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", refsource: "CONFIRM", url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { name: "https://security.netapp.com/advisory/ntap-20190212-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { name: "https://issues.apache.org/jira/browse/WW-4812", refsource: "CONFIRM", url: "https://issues.apache.org/jira/browse/WW-4812", }, { name: "http://www.zerodayinitiative.com/advisories/ZDI-16-570/", refsource: "MISC", url: "http://www.zerodayinitiative.com/advisories/ZDI-16-570/", }, { name: "https://www.tenable.com/security/research/tra-2016-30", refsource: "MISC", url: "https://www.tenable.com/security/research/tra-2016-30", }, { name: "https://www.tenable.com/security/research/tra-2016-12", refsource: "MISC", url: "https://www.tenable.com/security/research/tra-2016-12", }, { name: "https://issues.apache.org/jira/browse/FILEUPLOAD-279", refsource: "CONFIRM", url: "https://issues.apache.org/jira/browse/FILEUPLOAD-279", }, { name: "https://www.tenable.com/security/research/tra-2016-23", refsource: "MISC", url: "https://www.tenable.com/security/research/tra-2016-23", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-1000031", datePublished: "2016-10-25T14:00:00", dateReserved: "2016-09-22T00:00:00", dateUpdated: "2024-08-06T03:47:34.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-0050 (GCVE-0-2014-0050)
Vulnerability from cvelistv5
Published
2014-03-28 19:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:38.958Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676656", }, { name: "JVN#14876762", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN14876762/index.html", }, { name: "HPSBGN03329", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143136844732487&w=2", }, { name: "60753", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60753", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1062337", }, { name: "59184", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59184", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677691", }, { name: "DSA-2856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2856", }, { name: "59039", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59039", }, { name: "59185", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59185", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676401", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "58075", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676853", }, { name: "59187", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59187", }, { name: "59041", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59041", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681214", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0007.html", }, { name: "60475", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60475", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/r1565143", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0110.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html", }, { name: "MDVSA-2015:084", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676410", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676405", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-7.html", }, { name: "59492", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59492", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59500", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59500", }, { name: "59183", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59183", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-8.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676403", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2014:0252", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0252.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { name: "JVNDB-2014-000017", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "USN-2130-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2130-1", }, { name: "65400", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65400", }, { name: "RHSA-2014:0400", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0400.html", }, { name: "59725", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59725", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675432", }, { name: "57915", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57915", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "59399", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59399", }, { name: "[commons-dev] 20140206 [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", }, { name: "58976", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58976", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html", }, { name: "RHSA-2014:0253", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0253.html", }, { name: "59232", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59232", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677724", }, { name: "20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", }, { name: "GLSA-202107-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202107-39", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-06T00:00:00", descriptions: [ { lang: "en", value: "MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-17T07:06:19", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676656", }, { name: "JVN#14876762", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN14876762/index.html", }, { name: "HPSBGN03329", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143136844732487&w=2", }, { name: "60753", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60753", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1062337", }, { name: "59184", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59184", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677691", }, { name: "DSA-2856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2856", }, { name: "59039", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59039", }, { name: "59185", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59185", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676401", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "58075", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58075", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676853", }, { name: "59187", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59187", }, { name: "59041", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59041", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681214", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0007.html", }, { name: "60475", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60475", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/r1565143", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0110.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html", }, { name: "MDVSA-2015:084", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676410", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676405", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-7.html", }, { name: "59492", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59492", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59500", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59500", }, { name: "59183", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59183", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-8.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676403", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2014:0252", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0252.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { name: "JVNDB-2014-000017", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "USN-2130-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2130-1", }, { name: "65400", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65400", }, { name: "RHSA-2014:0400", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0400.html", }, { name: "59725", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59725", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675432", }, { name: "57915", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57915", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "59399", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59399", }, { name: "[commons-dev] 20140206 [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", }, { name: "58976", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58976", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html", }, { name: "RHSA-2014:0253", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0253.html", }, { name: "59232", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59232", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677724", }, { name: "20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", }, { name: "GLSA-202107-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202107-39", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0050", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676656", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676656", }, { name: "JVN#14876762", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN14876762/index.html", }, { name: "HPSBGN03329", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143136844732487&w=2", }, { name: "60753", refsource: "SECUNIA", url: "http://secunia.com/advisories/60753", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1062337", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1062337", }, { name: "59184", refsource: "SECUNIA", url: "http://secunia.com/advisories/59184", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677691", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677691", }, { name: "DSA-2856", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2856", }, { name: "59039", refsource: "SECUNIA", url: "http://secunia.com/advisories/59039", }, { name: "59185", refsource: "SECUNIA", url: "http://secunia.com/advisories/59185", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676401", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676401", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { name: "58075", refsource: "SECUNIA", url: "http://secunia.com/advisories/58075", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676853", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676853", }, { name: "59187", refsource: "SECUNIA", url: "http://secunia.com/advisories/59187", }, { name: "59041", refsource: "SECUNIA", url: "http://secunia.com/advisories/59041", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21681214", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681214", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0007.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0007.html", }, { name: "60475", refsource: "SECUNIA", url: "http://secunia.com/advisories/60475", }, { name: "http://svn.apache.org/r1565143", refsource: "CONFIRM", url: "http://svn.apache.org/r1565143", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { name: "http://advisories.mageia.org/MGASA-2014-0110.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0110.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", }, { name: "http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html", refsource: "MISC", url: "http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html", }, { name: "MDVSA-2015:084", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084", }, { name: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html", refsource: "CONFIRM", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676410", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676410", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676405", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676405", }, { name: "http://tomcat.apache.org/security-7.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-7.html", }, { name: "59492", refsource: "SECUNIA", url: "http://secunia.com/advisories/59492", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "59500", refsource: "SECUNIA", url: "http://secunia.com/advisories/59500", }, { name: "59183", refsource: "SECUNIA", url: "http://secunia.com/advisories/59183", }, { name: "http://tomcat.apache.org/security-8.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-8.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676403", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676403", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2014:0252", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0252.html", }, { name: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", refsource: "CONFIRM", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { name: "JVNDB-2014-000017", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "USN-2130-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2130-1", }, { name: "65400", refsource: "BID", url: "http://www.securityfocus.com/bid/65400", }, { name: "RHSA-2014:0400", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0400.html", }, { name: "59725", refsource: "SECUNIA", url: "http://secunia.com/advisories/59725", }, { name: "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21675432", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675432", }, { name: "57915", refsource: "SECUNIA", url: "http://secunia.com/advisories/57915", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { name: "59399", refsource: "SECUNIA", url: "http://secunia.com/advisories/59399", }, { name: "[commons-dev] 20140206 [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS", refsource: "MLIST", url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", }, { name: "58976", refsource: "SECUNIA", url: "http://secunia.com/advisories/58976", }, { name: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html", refsource: "CONFIRM", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html", }, { name: "RHSA-2014:0253", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0253.html", }, { name: "59232", refsource: "SECUNIA", url: "http://secunia.com/advisories/59232", }, { name: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html", refsource: "CONFIRM", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21677724", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677724", }, { name: "20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", }, { name: "GLSA-202107-39", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202107-39", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0050", datePublished: "2014-03-28T19:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:38.958Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-24998 (GCVE-0-2023-24998)
Vulnerability from cvelistv5
Published
2023-02-20 15:57
Modified
2025-02-13 16:44
Severity ?
EPSS score ?
Summary
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.
Note that, like all of the file upload limits, the
new configuration option (FileUploadBase#setFileCountMax) is not
enabled by default and must be explicitly configured.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Apache Software Foundation | Apache Commons FileUpload |
Version: 0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:11:43.763Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230302-0013/", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/05/22/1", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202305-37", }, { tags: [ "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Commons FileUpload", vendor: "Apache Software Foundation", versions: [ { lessThan: "1.5", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "Apache Tomcat", vendor: "Apache Software Foundation", versions: [ { status: "affected", version: "11.0.0-M1", }, { lessThanOrEqual: "10.1.4", status: "affected", version: "10.0.0-M1", versionType: "semver", }, { lessThanOrEqual: "9.0.70", status: "affected", version: "9.0.0-M1", versionType: "semver", }, { lessThanOrEqual: "8.5.84", status: "affected", version: "8.5.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Jakob Ackermann", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<div>Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.</div><div><br></div><div>Note that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.<br></div>", }, ], value: "Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\n\n\n\n\nNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-13T15:06:16.472Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy", }, { url: "http://www.openwall.com/lists/oss-security/2023/05/22/1", }, { url: "https://security.gentoo.org/glsa/202305-37", }, { url: "https://www.debian.org/security/2023/dsa-5522", }, { url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, ], source: { discovery: "EXTERNAL", }, title: "Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-24998", datePublished: "2023-02-20T15:57:07.372Z", dateReserved: "2023-02-01T10:32:05.492Z", dateUpdated: "2025-02-13T16:44:27.490Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-02-20 16:15
Modified
2025-02-13 17:16
Severity ?
Summary
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.
Note that, like all of the file upload limits, the
new configuration option (FileUploadBase#setFileCountMax) is not
enabled by default and must be explicitly configured.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | commons_fileupload | * | |
| apache | commons_fileupload | 1.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*", matchCriteriaId: "7B386378-64A5-417D-9FE8-F25AE7A26459", versionEndExcluding: "1.5", versionStartIncluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.0:beta:*:*:*:*:*:*", matchCriteriaId: "58B413FF-EBC0-4DFA-B507-AA2A3579E349", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\n\n\n\n\nNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.", }, ], id: "CVE-2023-24998", lastModified: "2025-02-13T17:16:09.017", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-20T16:15:10.423", references: [ { source: "security@apache.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/05/22/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202305-37", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/05/22/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202305-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230302-0013/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "security@apache.org", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-07-04 22:59
Modified
2025-04-12 10:46
Severity ?
Summary
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_identity_manager:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE418D71-EAD6-4BB6-B6D6-88CE0FFA5A53", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*", matchCriteriaId: "531FE660-C1A9-4C83-90BE-E38AA493D4F7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*", matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*", matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*", matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", matchCriteriaId: "4752862B-7D26-4285-B8A0-CF082C758353", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", matchCriteriaId: "58EA7199-3373-4F97-9907-3A479A02155E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", matchCriteriaId: "4693BD36-E522-4C8E-9667-8F3E14A05EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", matchCriteriaId: "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AFF96F96-34DB-4EB3-BF59-11220673FA26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", matchCriteriaId: "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "61E008F8-2F01-4DD8-853A-337B4B4163C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", matchCriteriaId: "701424A2-BB06-44B5-B468-7164E4F95529", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", matchCriteriaId: "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", matchCriteriaId: "8F9A5B7E-33A9-4651-9BE1-371A0064B661", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", matchCriteriaId: "F99252E8-A59C-48E1-B251-718D7FB3E399", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*", matchCriteriaId: "4E0DDEF6-A8EE-46C4-A046-A1F26E7C4E87", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*", matchCriteriaId: "14B38892-9C00-4510-B7BA-F2A8F2CACCAE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*", matchCriteriaId: "7409B064-D43E-489E-AEC6-0A767FB21737", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*", matchCriteriaId: "F019268F-80C4-48FE-8164-E9DA0A3BAFF6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*", matchCriteriaId: "1EFBD214-FCFE-4F04-A903-66EFDA764B9A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*", matchCriteriaId: "425D86B3-6BB9-410D-8125-F7CF87290AD6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*", matchCriteriaId: "3EE3BB0D-1002-41E4-9BE8-875D97330057", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*", matchCriteriaId: "6622472B-8644-4D45-A54B-A215C3D64B83", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*", matchCriteriaId: "B338F95B-2924-435B-827F-E64420A93244", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*", matchCriteriaId: "209D1349-7740-4DBE-80A5-E6343C62BAB5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*", matchCriteriaId: "09E77C24-C265-403D-A193-B3739713F6B6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*", matchCriteriaId: "28616FA3-9A98-4AAE-9F94-3E77A14156EA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*", matchCriteriaId: "603A14BF-72BB-4A3D-8CBC-932DC45CEC06", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*", matchCriteriaId: "4C2E1C55-3C89-4F26-A981-1195BCC9BB5C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*", matchCriteriaId: "31BB906B-812F-462C-9AEE-147C1418D865", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*", matchCriteriaId: "69A7FC28-A0EC-4516-9776-700343D2F4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*", matchCriteriaId: "D4D811A9-4988-4C11-AA27-F5BE2B93D8D4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*", matchCriteriaId: "63CCC942-8906-421A-A1C8-E105B54912D5", versionEndIncluding: "1.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0F8C62EF-1B67-456A-9C66-755439CF8556", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", matchCriteriaId: "33E9607B-4D28-460D-896B-E4B7FA22441E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A819E245-D641-4F19-9139-6C940504F6E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "81A31CA0-A209-4C49-AA06-C38E165E5B68", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", matchCriteriaId: "08022987-B36B-4F63-88A5-A8F59195DF4A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", matchCriteriaId: "0AA563BF-A67A-477D-956A-167ABEF885C5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", matchCriteriaId: "FF4B7557-EF35-451E-B55D-3296966695AC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*", matchCriteriaId: "6F1B937B-57E0-4E88-9E39-39012A924525", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8980E61E-27BE-4858-82B3-C0E8128AF521", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", matchCriteriaId: "88CE057E-2092-4C98-8D0C-75CF439D0A9C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", matchCriteriaId: "A9731BAA-4C6C-4259-B786-F577D8A90FA1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", matchCriteriaId: "1F74A421-D019-4248-84B8-C70D4D9A8A95", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", matchCriteriaId: "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", matchCriteriaId: "305688F2-50A6-41FB-8614-BC589DB9A789", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", matchCriteriaId: "25966344-15D5-4101-9346-B06BFD2DFFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", matchCriteriaId: "0D4F710E-06EA-48F4-AC6A-6F143950F015", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", matchCriteriaId: "2C4936C2-0B2D-4C44-98C3-443090965F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", matchCriteriaId: "48453405-2319-4327-9F4C-6F70B49452C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", matchCriteriaId: "49DD9544-6424-41A6-AEC0-EC19B8A10E71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", matchCriteriaId: "E4670E65-2E11-49A4-B661-57C2F60D411F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", matchCriteriaId: "31002A23-4788-4BC7-AE11-A3C2AA31716D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", matchCriteriaId: "7144EDDF-8265-4642-8EEB-ED52527E0A26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", matchCriteriaId: "DF06B5C1-B9DD-4673-A101-56E1E593ACDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", matchCriteriaId: "7D731065-626B-4425-8E49-F708DD457824", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", matchCriteriaId: "B3D850EA-E537-42C8-93B9-96E15CB26747", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", matchCriteriaId: "E037DA05-2BEF-4F64-B8BB-307247B6A05C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", matchCriteriaId: "D395D95B-1F4A-420E-A0F6-609360AF7B69", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", matchCriteriaId: "9BD221BA-0AB6-4972-8AD9-5D37AC07762F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", matchCriteriaId: "E55B6565-96CB-4F6A-9A80-C3FB82F30546", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", matchCriteriaId: "D3300AFE-49A4-4904-B9A0-5679F09FA01E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", matchCriteriaId: "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", matchCriteriaId: "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", matchCriteriaId: "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", matchCriteriaId: "DA8A7333-B4C3-4876-AE01-62F2FD315504", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", matchCriteriaId: "92993E23-D805-407B-8B87-11CEEE8B212F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", matchCriteriaId: "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", matchCriteriaId: "C947E549-2459-4AFB-84A7-36BDA30B5F29", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", matchCriteriaId: "5D55DF79-F9BE-4907-A4D8-96C4B11189ED", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", matchCriteriaId: "14AB5787-82D7-4F78-BE93-4556AB7A7D0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", matchCriteriaId: "F8E9453E-BC9B-4F77-85FA-BA15AC55C245", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", matchCriteriaId: "A7EF0518-73F9-47DB-8946-A8334936BEFF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", matchCriteriaId: "95AA8778-7833-4572-A71B-5FD89938CE94", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", matchCriteriaId: "242E47CE-EF69-4F8F-AB40-5AF2811674CE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*", matchCriteriaId: "CDA1555C-E55A-4E14-B786-BFEE3F09220B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*", matchCriteriaId: "F8075E9A-DA7F-4A0B-8B4D-0CD951369111", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*", matchCriteriaId: "335A5320-6086-4B45-9903-82F6F92A584F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*", matchCriteriaId: "46B33408-C2E2-4E7C-9334-6AB98F13468C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*", matchCriteriaId: "9F036676-9EFB-4A92-828E-A38905D594E2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*", matchCriteriaId: "E9728EE8-6029-4DF3-942E-E4ACC09111A3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*", matchCriteriaId: "34E7DAC8-8419-45D1-A28F-14CF2FE1B6EE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*", matchCriteriaId: "89B87EB5-4902-4C2A-878A-45185F7D0FA1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*", matchCriteriaId: "C0596E6C-9ACE-4106-A2FF-BED7967C323F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.", }, { lang: "es", value: "La clase MultipartStream en Apache Commons Fileupload en versiones anteriores a 1.3.2, tal como se utiliza en Apache Tomcat 7.x en versiones anteriores a 7.0.70, 8.x en versiones anteriores a 8.0.36, 8.5.x en versiones anteriores a 8.5.3 y 9.x en versiones anteriores a 9.0.0.M7 y otros productos, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de una cadena de límite largo.", }, ], id: "CVE-2016-3092", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-07-04T22:59:04.303", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://jvn.jp/en/jp/JVN89379547/index.html", }, { source: "secalert@redhat.com", tags: [ "VDB Entry", "Vendor Advisory", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2068.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2069.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2070.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2071.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2072.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2599.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2807.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2808.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { source: "secalert@redhat.com", url: "http://svn.apache.org/viewvc?view=revision&revision=1743480", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743722", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743738", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743742", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://tomcat.apache.org/security-9.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3609", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3611", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3614", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91453", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1036427", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1036900", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1037029", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1039606", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3024-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3027-1", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", }, { source: "secalert@redhat.com", tags: [ "Patch", "Permissions Required", "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201705-09", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/202107-39", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://jvn.jp/en/jp/JVN89379547/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "VDB Entry", "Vendor Advisory", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2068.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2069.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2071.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2599.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2807.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2808.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://svn.apache.org/viewvc?view=revision&revision=1743480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743738", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1743742", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tomcat.apache.org/security-9.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3611", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036900", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1039606", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3024-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3027-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Permissions Required", "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201705-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202107-39", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-04-01 06:27
Modified
2025-04-12 10:46
Severity ?
Summary
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:retail_applications:12.0:*:*:*:*:*:*:*", matchCriteriaId: "2141D8D6-1899-49A2-85C7-4E1ACA411663", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:12.0in:*:*:*:*:*:*:*", matchCriteriaId: "98176890-C14E-4E0F-878D-8B7CDDF36389", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:13.0:*:*:*:*:*:*:*", matchCriteriaId: "B31C4B61-0A82-4ADC-8DE3-E291B06694AA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:13.1:*:*:*:*:*:*:*", matchCriteriaId: "0DDCBCD1-583C-4039-AFA3-0136F9E8F46D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:13.2:*:*:*:*:*:*:*", matchCriteriaId: "C5D95173-F331-4886-A312-2122B74A28FA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:13.3:*:*:*:*:*:*:*", matchCriteriaId: "A6953917-DD9F-40DE-A9B2-0D3464F7864B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:13.4:*:*:*:*:*:*:*", matchCriteriaId: "88BDD825-2CC8-4164-A895-5AC00F122F4F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_applications:14.0:*:*:*:*:*:*:*", matchCriteriaId: "7D1D695F-15EF-4CDE-98C4-91E9D3D5188A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*", matchCriteriaId: "BD5CFCD3-1E1E-4A9E-B0D8-1DA505BC426A", versionEndIncluding: "1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*", matchCriteriaId: "F15B6651-DC03-4403-BA24-847509A818C5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*", matchCriteriaId: "A7E0CBD8-A3CA-46D2-92ED-FBD3E0B34984", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5EAAFFAF-4570-4520-A204-03CA6B25CEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*", matchCriteriaId: "9419F6EC-7A3D-483E-8331-8BAC8546F294", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "17C5F883-306F-4CEE-A56F-5B697962AB2D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "6318E461-47A6-40F5-ACB6-A5B7DD19CCA0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0F8C62EF-1B67-456A-9C66-755439CF8556", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", matchCriteriaId: "33E9607B-4D28-460D-896B-E4B7FA22441E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A819E245-D641-4F19-9139-6C940504F6E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "81A31CA0-A209-4C49-AA06-C38E165E5B68", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", matchCriteriaId: "7205475A-6D04-4042-B24E-1DA5A57029B7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", matchCriteriaId: "08022987-B36B-4F63-88A5-A8F59195DF4A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", matchCriteriaId: "0AA563BF-A67A-477D-956A-167ABEF885C5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", matchCriteriaId: "FF4B7557-EF35-451E-B55D-3296966695AC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8980E61E-27BE-4858-82B3-C0E8128AF521", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", matchCriteriaId: "8756BF9B-3E24-4677-87AE-31CE776541F0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", matchCriteriaId: "88CE057E-2092-4C98-8D0C-75CF439D0A9C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", matchCriteriaId: "8F194580-EE6D-4E38-87F3-F0661262256B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", matchCriteriaId: "A9731BAA-4C6C-4259-B786-F577D8A90FA1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", matchCriteriaId: "1F74A421-D019-4248-84B8-C70D4D9A8A95", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", matchCriteriaId: "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", matchCriteriaId: "05346F5A-FB52-4376-AAC7-9A5308216545", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", matchCriteriaId: "305688F2-50A6-41FB-8614-BC589DB9A789", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", matchCriteriaId: "D24AA431-C436-4AA5-85DF-B9AAFF2548FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", matchCriteriaId: "25966344-15D5-4101-9346-B06BFD2DFFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", matchCriteriaId: "11F4CBAC-27B1-4EFF-955A-A63B457D0578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", matchCriteriaId: "FD55B338-9DBE-4643-ABED-A08964D3AF7C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", matchCriteriaId: "0D4F710E-06EA-48F4-AC6A-6F143950F015", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", matchCriteriaId: "2C4936C2-0B2D-4C44-98C3-443090965F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", matchCriteriaId: "48453405-2319-4327-9F4C-6F70B49452C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", matchCriteriaId: "49DD9544-6424-41A6-AEC0-EC19B8A10E71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", matchCriteriaId: "E4670E65-2E11-49A4-B661-57C2F60D411F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", matchCriteriaId: "5E8FF71D-4710-4FBB-9925-A6A26C450F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", matchCriteriaId: "31002A23-4788-4BC7-AE11-A3C2AA31716D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", matchCriteriaId: "7144EDDF-8265-4642-8EEB-ED52527E0A26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", matchCriteriaId: "DF06B5C1-B9DD-4673-A101-56E1E593ACDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", matchCriteriaId: "7D731065-626B-4425-8E49-F708DD457824", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", matchCriteriaId: "B3D850EA-E537-42C8-93B9-96E15CB26747", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", matchCriteriaId: "E037DA05-2BEF-4F64-B8BB-307247B6A05C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", matchCriteriaId: "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", matchCriteriaId: "D395D95B-1F4A-420E-A0F6-609360AF7B69", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", matchCriteriaId: "9BD221BA-0AB6-4972-8AD9-5D37AC07762F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", matchCriteriaId: "E55B6565-96CB-4F6A-9A80-C3FB82F30546", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", matchCriteriaId: "D3300AFE-49A4-4904-B9A0-5679F09FA01E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", matchCriteriaId: "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", matchCriteriaId: "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", matchCriteriaId: "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", matchCriteriaId: "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", matchCriteriaId: "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", matchCriteriaId: "DA8A7333-B4C3-4876-AE01-62F2FD315504", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", matchCriteriaId: "92993E23-D805-407B-8B87-11CEEE8B212F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", matchCriteriaId: "7A11BD74-305C-41E2-95B1-5008EEF5FA5F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", matchCriteriaId: "595442D0-9DB7-475A-AE30-8535B70E122E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", matchCriteriaId: "4B0BA92A-0BD3-4CE4-9465-95E949104BAC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", matchCriteriaId: "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", matchCriteriaId: "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", matchCriteriaId: "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", matchCriteriaId: "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", matchCriteriaId: "C947E549-2459-4AFB-84A7-36BDA30B5F29", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", matchCriteriaId: "4752862B-7D26-4285-B8A0-CF082C758353", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", matchCriteriaId: "58EA7199-3373-4F97-9907-3A479A02155E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", matchCriteriaId: "4693BD36-E522-4C8E-9667-8F3E14A05EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", matchCriteriaId: "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.", }, { lang: "es", value: "MultipartStream.java en Apache Commons FileUpload anterior a 1.3.1, utilizado en Apache Tomcat, JBoss Web y otros productos, permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de una cabecera Content-Type manipulada que evade las condiciones de salida del bucle.", }, ], evaluatorComment: "The previous CVSS assessment ( Base Score: 5.0 - AV:N/AC:L/AU:N/C:N/I:N/A:P) was provided at the time of initial analysis based on the best available published information at that time. The score has been updated to reflect the impact to Oracle products per <a href=http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html> Oracle Critical Patch Update Advisory - October 2015 </a>. Other products listed as vulnerable may or may not be similarly impacted.", id: "CVE-2014-0050", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-04-01T06:27:51.373", references: [ { source: "secalert@redhat.com", url: "http://advisories.mageia.org/MGASA-2014-0110.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html", }, { source: "secalert@redhat.com", url: "http://jvn.jp/en/jp/JVN14876762/index.html", }, { source: "secalert@redhat.com", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017", }, { source: "secalert@redhat.com", url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=143136844732487&w=2", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2014-0252.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2014-0253.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2014-0400.html", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/57915", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/58075", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/58976", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59039", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59041", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59183", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59184", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59185", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59187", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59232", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59399", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59492", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59500", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59725", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/60475", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/60753", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://svn.apache.org/r1565143", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675432", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676401", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676403", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676405", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676410", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676656", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676853", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677691", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677724", }, { source: "secalert@redhat.com", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681214", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-2856", }, { source: "secalert@redhat.com", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html", }, { source: "secalert@redhat.com", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html", }, { source: "secalert@redhat.com", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html", }, { source: "secalert@redhat.com", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/65400", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2130-1", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2014-0007.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1062337", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/202107-39", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2014-0110.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN14876762/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143136844732487&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2014-0252.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2014-0253.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2014-0400.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2014/Dec/23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/57915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/58075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/58976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59039", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59185", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59725", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60475", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://svn.apache.org/r1565143", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21669554", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21675432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676403", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676405", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676410", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676656", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676853", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677691", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21677724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/534161/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/65400", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2130-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2014-0007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1062337", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202107-39", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-15 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | commons_fileupload | 1.0 | |
| apache | commons_fileupload | 1.1 | |
| apache | commons_fileupload | 1.1.1 | |
| apache | commons_fileupload | 1.2 | |
| apache | commons_fileupload | 1.2.1 | |
| apache | commons_fileupload | 1.2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*", matchCriteriaId: "F15B6651-DC03-4403-BA24-847509A818C5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*", matchCriteriaId: "A7E0CBD8-A3CA-46D2-92ED-FBD3E0B34984", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5EAAFFAF-4570-4520-A204-03CA6B25CEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*", matchCriteriaId: "9419F6EC-7A3D-483E-8331-8BAC8546F294", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "17C5F883-306F-4CEE-A56F-5B697962AB2D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "6318E461-47A6-40F5-ACB6-A5B7DD19CCA0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.", }, { lang: "es", value: "La configuración por defecto de javax.servlet.context.tempdir en Apache FileUpload v1.0 hastar v1.2.2 usa el directorio /tmp para subir ficheros, lo que permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlace simbólico no especificado.", }, ], id: "CVE-2013-0248", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-15T20:55:10.553", references: [ { source: "secalert@redhat.com", url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0035.html", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "secalert@redhat.com", url: "http://www.osvdb.org/90906", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/58326", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/202107-39", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/90906", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/58326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202107-39", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-25 14:29
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | commons_fileupload | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*", matchCriteriaId: "7A6FC4C5-ADA8-44B0-80B3-672B0025BF3C", versionEndIncluding: "1.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution", }, { lang: "es", value: "Apache Commons FileUpload versión anterior a 1.3.3, la manipulación del archivo DiskFileItem conduce a la ejecución de código remota.", }, ], evaluatorComment: "Per Apache: \"Having reviewed your report we have concluded that it does not represent a valid vulnerability in Apache Commons File Upload. If an application deserializes data from an untrusted source without filtering and/or validation that is an application vulnerability not a vulnerability in the library a potential attacker might leverage.\"", id: "CVE-2016-1000031", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-25T14:29:00.180", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00036.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93604", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.zerodayinitiative.com/advisories/ZDI-16-570/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://issues.apache.org/jira/browse/FILEUPLOAD-279", }, { source: "cve@mitre.org", url: "https://issues.apache.org/jira/browse/WW-4812", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080%40%3Cannounce.apache.org%3E", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "cve@mitre.org", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2016-12", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2016-23", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2016-30", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.zerodayinitiative.com/advisories/ZDI-16-570/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://issues.apache.org/jira/browse/FILEUPLOAD-279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.apache.org/jira/browse/WW-4812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080%40%3Cannounce.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190212-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2016-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2016-23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2016-30", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }