[ICE-10023] Fix CVE-2014-0050 DoS with malformed Content-Type header and multipart request processing - ICEsoft JIRA Issue Tracker

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.3, EE-3.3.0.GA
Fix Version/s: EE-3.3.0.GA_P02, 4.0
Component/s: ACE-Components, ICE-Components
Labels:
None
Environment:
ICEfaces, file upload

Assignee Priority:
P1

Description

ICEfaces FileEntry makes use of an embedded copy of commons-fileupload, so is vulnerable to the following:

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

Issue Links

blocks

ICE-10355 update commons-fileupload library to v1.3.1 for security fix for ice:inputFile

Closed

ICE-11437 Fix CVE-2016-3092 Specially crafted input can trigger a DoS, if the size of the MIME boundard is close to the size of the buffer in MultipartStream

Closed

Activity

Repository	Revision	Date	User	Message
ICEsoft Public SVN Repository	#41168	Thu May 15 11:19:21 MDT 2014	mircea.toma	~~ICE-10023~~ Applied patch to guards against denial of service attacks.
				Files Changed
				MODIFY /icefaces4/trunk/icefaces/ace/component/src/org/icefaces/apache/commons/fileupload/MultipartStream.java MODIFY /icefaces4/trunk/icefaces/ace/component/src/org/icefaces/apache/commons/fileupload/FileUploadBase.java

People

Assignee:

Mircea Toma

Reporter:

Ted Goddard

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

14/May/14 2:26 PM

Updated:

15/Nov/18 10:37 AM

Resolved:

15/May/14 11:21 AM