CVE-2014-0050

HIGH severity · CVSS 7.5 · CWE-264

7.5CVSS HIGH

Summary

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges required—

User interaction—

Confidentiality impact—

Integrity impact—

Availability impact—

Exploit probability (EPSS)93%

AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected products we track (1)

Apache Tomcat

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

NVD record
http://advisories.mageia.org/MGASA-2014-0110.html
http://jvn.jp/en/jp/JVN14876762/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E
http://marc.info/?l=bugtraq&m=143136844732487&w=2
http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
http://rhn.redhat.com/errata/RHSA-2014-0252.html
http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.htmlExploit