CVE-2014-0050

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

References

http://jvn.jp/en/jp/JVN14876762/index.html

http://tomcat.apache.org/security-8.html

http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%[email protected]%3E

https://bugzilla.redhat.com/show_bug.cgi?id=1062337

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017

http://svn.apache.org/r1565143

http://tomcat.apache.org/security-7.html

http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html

http://rhn.redhat.com/errata/RHSA-2014-0400.html

http://secunia.com/advisories/57915

http://www-01.ibm.com/support/docview.wss?uid=swg21676410

http://secunia.com/advisories/58976

http://secunia.com/advisories/59232

http://secunia.com/advisories/59183

http://secunia.com/advisories/59500

http://www-01.ibm.com/support/docview.wss?uid=swg21676401

http://secunia.com/advisories/58075

http://www-01.ibm.com/support/docview.wss?uid=swg21677724

http://www-01.ibm.com/support/docview.wss?uid=swg21676853

http://secunia.com/advisories/59187

http://www-01.ibm.com/support/docview.wss?uid=swg21675432

http://secunia.com/advisories/59041

http://secunia.com/advisories/59185

http://secunia.com/advisories/59492

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html

http://www.securityfocus.com/bid/65400

http://secunia.com/advisories/59039

http://secunia.com/advisories/59725

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html

http://secunia.com/advisories/59399

http://www-01.ibm.com/support/docview.wss?uid=swg21676656

http://www-01.ibm.com/support/docview.wss?uid=swg21676403

http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html

http://secunia.com/advisories/59184

http://www-01.ibm.com/support/docview.wss?uid=swg21676405

http://www.vmware.com/security/advisories/VMSA-2014-0007.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm

http://secunia.com/advisories/60475

http://secunia.com/advisories/60753

http://www-01.ibm.com/support/docview.wss?uid=swg21677691

http://www-01.ibm.com/support/docview.wss?uid=swg21681214

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

http://seclists.org/fulldisclosure/2014/Dec/23

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

http://advisories.mageia.org/MGASA-2014-0110.html

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

http://www-01.ibm.com/support/docview.wss?uid=swg21669554

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://marc.info/?l=bugtraq&m=143136844732487&w=2

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.ubuntu.com/usn/USN-2130-1

http://www.debian.org/security/2014/dsa-2856

http://rhn.redhat.com/errata/RHSA-2014-0253.html

http://rhn.redhat.com/errata/RHSA-2014-0252.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/archive/1/532549/100/0/threaded

Details

Source: MITRE

Published: 2014-04-01

Updated: 2021-07-17

Type: CWE-264

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:retail_applications:12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:12.0in:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:14.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.1:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:* versions up to 1.3 (inclusive)

cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

Tenable Plugins

View all (42 total)

IDNameProductFamilySeverity
117393Apache Struts 2.x < 2.3.16.2 Multiple Vulnerabilities (S2-020)NessusMisc.
high
9699IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
critical
83469Oracle WebCenter Sites Multiple Vulnerabilities (April 2015 CPU)NessusWindows
high
83295MySQL Enterprise Monitor 3.0.x < 3.0.11 Multiple VulnerabilitiesNessusCGI abuses
high
83293MySQL Enterprise Monitor < 2.3.17 Multiple VulnerabilitiesNessusCGI abuses
high
82337Mandriva Linux Security Advisory : tomcat (MDVSA-2015:084)NessusMandriva Local Security Checks
medium
81105Apache Struts 2.0.0 < 2.3.16.1 Multiple Vulnerabilities (credentialed check) (Deprecated)NessusWindows
medium
79982GLSA-201412-29 : Apache Tomcat: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
78671VMware vCenter Orchestrator 5.5.x < 5.5.2 DoS (VMSA-2014-0007)NessusMisc.
high
78670VMware vCenter Orchestrator Appliance 5.5.x < 5.5.2 DoS (VMSA-2014-0007)NessusMisc.
high
78603Oracle Endeca Information Discovery Studio Multiple Vulnerabilities (October 2014 CPU)NessusCGI abuses
high
78540Oracle Database Multiple Vulnerabilities (October 2014 CPU)NessusDatabases
high
78287Amazon Linux AMI : tomcat6 (ALAS-2014-344)NessusAmazon Linux Local Security Checks
high
78165F5 Networks BIG-IP : Apache Commons FileUpload vulnerability (K15189)NessusF5 Networks Local Security Checks
high
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77630VMSA-2014-0008 : VMware vSphere product updates to third-party librariesNessusVMware ESX Local Security Checks
high
76995IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple VulnerabilitiesNessusWeb Servers
high
76967IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple VulnerabilitiesNessusWeb Servers
high
76450Scientific Linux Security Update : tomcat6 on SL6.x i386/srpm/x86_64 (20140709)NessusScientific Linux Local Security Checks
high
76388VMware vCenter Operations Management Suite Multiple Vulnerabilities (VMSA-2014-0007)NessusMisc.
high
76241RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0526)NessusRed Hat Local Security Checks
high
76240RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0525)NessusRed Hat Local Security Checks
high
75325openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2014:0527-1)NessusSuSE Local Security Checks
high
75324openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2014:0528-1)NessusSuSE Local Security Checks
high
74293IBM WebSphere Portal Apache Commons FileUpload DoSNessusCGI abuses
high
74235IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple VulnerabilitiesNessusWeb Servers
high
74156IBM WebSphere Portal 8.x < 8.0.0.1 CF12 Multiple VulnerabilitiesNessusCGI abuses
high
73679Scientific Linux Security Update : tomcat6 on SL6.x (noarch) (20140423)NessusScientific Linux Local Security Checks
high
73678RHEL 6 : tomcat6 (RHSA-2014:0429)NessusRed Hat Local Security Checks
high
73677Oracle Linux 6 : tomcat6 (ELSA-2014-0429)NessusOracle Linux Local Security Checks
high
73675CentOS 6 : tomcat6 (CESA-2014:0429)NessusCentOS Local Security Checks
high
73609SuSE 11.3 Security Update : jakarta-commons-fileupload (SAT Patch Number 9087)NessusSuSE Local Security Checks
medium
73421Debian DSA-2897-1 : tomcat7 - security updateNessusDebian Local Security Checks
high
73231Amazon Linux AMI : tomcat7 (ALAS-2014-312)NessusAmazon Linux Local Security Checks
high
73003Mandriva Linux Security Advisory : apache-commons-fileupload (MDVSA-2014:056)NessusMandriva Local Security Checks
medium
72874Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : tomcat6, tomcat7 vulnerabilities (USN-2130-1)NessusUbuntu Local Security Checks
high
72853RHEL 5 / 6 : JBoss EAP (RHSA-2014:0253)NessusRed Hat Local Security Checks
high
72693Apache Tomcat 8.0.x < 8.0.3 Content-Type DoSNessusWeb Servers
medium
72692Apache Tomcat 7.0.x < 7.0.52 Content-Type DoSNessusWeb Servers
medium
72545Fedora 19 : apache-commons-fileupload-1.3-5.fc19 (2014-2183)NessusFedora Local Security Checks
high
72544Fedora 20 : apache-commons-fileupload-1.3-5.fc20 (2014-2175)NessusFedora Local Security Checks
high
72401Debian DSA-2856-1 : libcommons-fileupload-java - denial of serviceNessusDebian Local Security Checks
high