Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2014-0050

Published: 01/04/2014 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 756
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Oracle

Vulnerability Summary

MultipartStream.java in Apache Commons FileUpload prior to 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle retail applications 12.0in

oracle retail applications 13.0

oracle retail applications 13.3

oracle retail applications 13.2

oracle retail applications 12.0

oracle retail applications 14.0

oracle retail applications 13.1

oracle retail applications 13.4

apache tomcat 7.0.2

apache tomcat 7.0.49

apache tomcat 7.0.12

apache tomcat 7.0.20

apache tomcat 7.0.34

apache tomcat 7.0.8

apache tomcat 7.0.1

apache tomcat 7.0.5

apache commons fileupload 1.2.2

apache tomcat 7.0.4

apache tomcat 7.0.22

apache tomcat 7.0.39

apache tomcat 7.0.26

apache tomcat 7.0.46

apache tomcat 7.0.28

apache tomcat 8.0.1

apache tomcat 7.0.0

apache commons fileupload 1.2

apache tomcat 7.0.50

apache tomcat 7.0.6

apache commons fileupload 1.1

apache tomcat 8.0.0

apache tomcat 7.0.18

apache tomcat 7.0.14

apache tomcat 7.0.48

apache tomcat 7.0.11

apache tomcat 7.0.23

apache tomcat 7.0.44

apache tomcat 7.0.7

apache tomcat 7.0.42

apache tomcat 7.0.37

apache tomcat 7.0.29

apache tomcat 7.0.45

apache commons fileupload

apache tomcat 7.0.13

apache tomcat 7.0.47

apache tomcat 7.0.41

apache tomcat 7.0.31

apache tomcat 7.0.30

apache tomcat 7.0.15

apache tomcat 7.0.19

apache tomcat 7.0.16

apache tomcat 7.0.10

apache commons fileupload 1.1.1

apache tomcat 7.0.36

apache tomcat 7.0.25

apache tomcat 7.0.35

apache tomcat 7.0.43

apache tomcat 7.0.32

apache tomcat 7.0.38

apache tomcat 7.0.21

apache tomcat 7.0.27

apache commons fileupload 1.2.1

apache tomcat 7.0.24

apache tomcat 7.0.17

apache tomcat 7.0.40

apache tomcat 7.0.9

apache commons fileupload 1.0

apache tomcat 7.0.3

apache tomcat 7.0.33

Vendor Advisories

Debian CVElist Bug Report Logs: tomcat7: CVE-2013-2071
Debian Bug report logs - #707704 tomcat7: CVE-2013-2071 Package: tomcat7; Maintainer for tomcat7 is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for tomcat7 is src:tomcat7 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fri, 10 May 2013 13:27:01 UTC Seve ...
Ubuntu Security Notice: tomcat6, tomcat7 vulnerabilities
Several security issues were fixed in Tomcat ...
Debian Security Advisories: DSA-2897-1 tomcat7 -- security update
Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session By repeatedly sending a request for an authenticated resource while the victim is completing the login form, an attacker could inject a req ...
Debian Security Advisories: DSA-2856-1 libcommons-fileupload-java -- denial of service
It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition For the oldstable distribution (squeeze), this problem has been fixed in version 122-1+deb6u2 For the stable distribution (wheezy), this p ...
Amazon Linux AMI: ALAS-2014-344
It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request A remote attacker could use this flaw to poison a web cache, perform cross-site scripting ...
Amazon Linux AMI: ALAS-2014-312
MultipartStreamjava in Apache Commons FileUpload before 131, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions ...

Exploits

Exploit DB: Apache Commons FileUpload and Apache Tomcat - Denial of Service
################################################################################# # CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat Denial-of-Service # # # # Author: Oren Hafif, Trustwave SpiderLabs Research # # This is a Proof of Concept code that was created for the sole purpose # # of assisting system admin ...

Github Repositories

https://github.com/adedov/victims-version-search

Version based search for vulnerabilities in Jar files, using victims-cve-db database.

Victims CVE Database Version Search This script allows searching for vulnerabilities associated with specific versions of Java archives (jar files) using database provided by victims-cve-db For each jar file the version information is retrieved: Using Maven manifest (pomxml), if it does exist within jar Using version included into filename and filename as artifactId Using

https://github.com/Shiverino/NPE2223

Proof-Of-Concept FOR CVE 2014-0050

https://github.com/jrrdev/cve-2014-0050

CVE-2014-0050 Vulnerable site sample

cve-2014-0050 CVE-2014-0050 Vulnerable site sample This project aims to demonstrate the CVE-2014-0050 exploitation for educational purpose For more informations, see : wwwtrustwavecom/Resources/SpiderLabs-Blog/CVE-2014-0050--Exploit-with-Boundaries,-Loops-without-Boundaries/ githubcom/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/apache

References

CWE-264http://jvn.jp/en/jp/JVN14876762/index.htmlhttp://tomcat.apache.org/security-8.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1062337http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017http://svn.apache.org/r1565143http://tomcat.apache.org/security-7.htmlhttp://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0400.htmlhttp://secunia.com/advisories/57915http://www-01.ibm.com/support/docview.wss?uid=swg21676410http://secunia.com/advisories/58976http://secunia.com/advisories/59232http://secunia.com/advisories/59183http://secunia.com/advisories/59500http://www-01.ibm.com/support/docview.wss?uid=swg21676401http://secunia.com/advisories/58075http://www-01.ibm.com/support/docview.wss?uid=swg21677724http://www-01.ibm.com/support/docview.wss?uid=swg21676853http://secunia.com/advisories/59187http://www-01.ibm.com/support/docview.wss?uid=swg21675432http://secunia.com/advisories/59041http://secunia.com/advisories/59185http://secunia.com/advisories/59492http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.htmlhttp://www.securityfocus.com/bid/65400http://secunia.com/advisories/59039http://secunia.com/advisories/59725http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.htmlhttp://secunia.com/advisories/59399http://www-01.ibm.com/support/docview.wss?uid=swg21676656http://www-01.ibm.com/support/docview.wss?uid=swg21676403http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.htmlhttp://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.htmlhttp://secunia.com/advisories/59184http://www-01.ibm.com/support/docview.wss?uid=swg21676405http://www.vmware.com/security/advisories/VMSA-2014-0007.htmlhttp://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.htmlhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htmhttp://secunia.com/advisories/60475http://secunia.com/advisories/60753http://www-01.ibm.com/support/docview.wss?uid=swg21677691http://www-01.ibm.com/support/docview.wss?uid=swg21681214http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttp://www.vmware.com/security/advisories/VMSA-2014-0012.htmlhttp://seclists.org/fulldisclosure/2014/Dec/23http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:084http://advisories.mageia.org/MGASA-2014-0110.htmlhttp://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.htmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21676091http://www-01.ibm.com/support/docview.wss?uid=swg21676092http://www-01.ibm.com/support/docview.wss?uid=swg21669554http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://marc.info/?l=bugtraq&m=143136844732487&w=2http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755http://www.vmware.com/security/advisories/VMSA-2014-0008.htmlhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttp://www.ubuntu.com/usn/USN-2130-1http://www.debian.org/security/2014/dsa-2856http://rhn.redhat.com/errata/RHSA-2014-0253.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0252.htmlhttp://www.securityfocus.com/archive/1/534161/100/0/threadedhttp://www.securityfocus.com/archive/1/532549/100/0/threadedhttps://security.gentoo.org/glsa/202107-39http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3Ehttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707704https://usn.ubuntu.com/2130-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/31615/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook