ICEfaces

Fix CVE-2014-0050 DoS with malformed Content-Type header and multipart request processing

    Details

    • Assignee Priority:
      P1

      Description

      ICEfaces FileEntry makes use of an embedded copy of commons-fileupload, so is vulnerable to the following:

      MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
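      As an added example (not ICEfaces, Tomcat or commons-fileupload code), the following Java class shows the pre-check an application could run before a multipart request reaches an embedded copy of the parser that has not yet been patched: it extracts the boundary parameter from the Content-Type header and rejects any boundary that would not fit the parser's read buffer. It assumes the parser's default 4096-byte buffer and the length condition bufSize >= boundary.length + 4 + 1 (four bytes of CRLF and "--" prefix plus one spare byte), which is the condition commons-fileupload 1.3.1 enforces in the MultipartStream constructor. The class and method names and the sample headers are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Locale;

/**
 * Pre-check for multipart requests: reject a Content-Type header whose
 * boundary parameter is too long for the MultipartStream buffer before the
 * request is handed to the (possibly unpatched) commons-fileupload parser.
 *
 * Assumptions, not taken from the ICEfaces source: the parser uses its
 * default 4096-byte buffer, and a boundary is overlong when
 * bufSize < boundary.length + 4 + 1 (the 1.3.1 constructor check).
 */
public final class MultipartBoundaryGuard {

    /** Default MultipartStream buffer size (commons-fileupload DEFAULT_BUFSIZE). */
    public static final int DEFAULT_BUFSIZE = 4096;

    /** Length of the CR LF "-" "-" prefix the parser prepends to the boundary. */
    private static final int BOUNDARY_PREFIX_LENGTH = 4;

    private MultipartBoundaryGuard() {}

    /** Extracts the boundary parameter from a multipart Content-Type header, or null if absent. */
    public static byte[] extractBoundary(String contentType) {
        if (contentType == null) {
            return null;
        }
        if (!contentType.toLowerCase(Locale.ROOT).startsWith("multipart/")) {
            return null;
        }
        for (String param : contentType.split(";")) {
            String p = param.trim();
            if (p.regionMatches(true, 0, "boundary=", 0, 9)) {
                String value = p.substring(9).trim();
                // Strip optional quotes: boundary="...".
                if (value.length() >= 2 && value.startsWith("\"") && value.endsWith("\"")) {
                    value = value.substring(1, value.length() - 1);
                }
                return value.getBytes(StandardCharsets.ISO_8859_1);
            }
        }
        return null;
    }

    /** True if the boundary plus its 4-byte prefix fits the buffer with one spare byte. */
    public static boolean boundaryFits(byte[] boundary, int bufSize) {
        return boundary != null
            && boundary.length > 0
            && bufSize >= boundary.length + BOUNDARY_PREFIX_LENGTH + 1;
    }

    /** Throws before parsing if the header would trip the parser's refill loop. */
    public static void check(String contentType) {
        byte[] boundary = extractBoundary(contentType);
        if (boundary == null) {
            throw new IllegalArgumentException("multipart request without a boundary parameter");
        }
        if (!boundaryFits(boundary, DEFAULT_BUFSIZE)) {
            throw new IllegalArgumentException("boundary of " + boundary.length
                + " bytes does not fit the " + DEFAULT_BUFSIZE + "-byte parser buffer");
        }
    }

    public static void main(String[] args) {
        // Constructed sample headers, not captured traffic.
        String ok = "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW";
        StringBuilder longBoundary = new StringBuilder();
        for (int i = 0; i < DEFAULT_BUFSIZE; i++) {
            longBoundary.append('a');
        }
        String bad = "multipart/form-data; boundary=" + longBoundary;

        check(ok);
        System.out.println("accepted: " + ok);
        try {
            check(bad);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

      In practice a much tighter limit is defensible: RFC 2046 caps a boundary at 70 characters, so a filter can reject anything longer than that rather than reasoning about the parser's buffer size. Either way the check belongs before the request body is read, since the hang in the unpatched parser occurs while refilling the buffer during body processing.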

        Issue Links

          Activity

          Ted Goddard created issue -
          Ted Goddard added a comment - edited
          Two small changes to fileupload/MultipartStream.java and fileupload/FileUploadBase.java:
          http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/fileupload/MultipartStream.java?r1=1561650&r2=1565169&pathrev=1565169&diff_format=h
          http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java?r1=1561650&r2=1565169&pathrev=1565169&diff_format=h
          Checkin comment: "Fix CVE-2014-0050 DoS with malformed Content-Type header and multipart request processing."
          Ken Fyten made changes - (Field: Original Value -> New Value)
          Assignee: (none) -> Mircea Toma [ mircea.toma ]
          Fix Version/s: (none) -> EE-3.3.0.GA_P02 [ 11371 ]
          Fix Version/s: (none) -> 4.0 [ 11382 ]
          Affects Version/s: (none) -> EE-3.3.0.GA [ 10572 ]
          Affects Version/s: (none) -> 3.3 [ 10370 ]
          Affects Version/s: (none) -> EE-3.3.0.GA_P01 [ 11174 ]
          Assignee Priority: (none) -> P1 [ 10010 ]
          Ken Fyten made changes -
          Summary: Infinite loop caused by malformed Content-Type header -> Fix CVE-2014-0050 DoS with malformed Content-Type header and multipart request processing
          Ken Fyten made changes -
          Security: (none) -> Private [ 10001 ]
          Repository: ICEsoft Public SVN Repository
          Revision: #41168
          Date: Thu May 15 11:19:21 MDT 2014
          User: mircea.toma
          Message: ICE-10023 Applied patch to guard against denial of service attacks.
          Files Changed:
          MODIFY /icefaces4/trunk/icefaces/ace/component/src/org/icefaces/apache/commons/fileupload/MultipartStream.java
          MODIFY /icefaces4/trunk/icefaces/ace/component/src/org/icefaces/apache/commons/fileupload/FileUploadBase.java
          Mircea Toma added a comment -
          Applied patches to guard against denial of service attacks.
          Mircea Toma made changes -
          Status: Open [ 1 ] -> Resolved [ 5 ]
          Resolution: (none) -> Fixed [ 1 ]
          Judy Guglielmin made changes -
          Link: This issue blocks ICE-10355 [ ICE-10355 ]
          Ken Fyten made changes -
          Status: Resolved [ 5 ] -> Closed [ 6 ]
          Arturo Zambrano made changes -
          Link: This issue blocks ICE-11437 [ ICE-11437 ]

            People

            • Assignee:
              Mircea Toma
              Reporter:
              Ted Goddard
            • Votes:
              0
              Watchers:
              2

              Dates

              • Created:
                Updated:
                Resolved: