SecuritySpace - CVE-2014-0050

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

CVE Kennung:	CVE-2014-0050
Beschreibung:	MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.804251 1.3.6.1.4.1.25623.1.0.867523 1.3.6.1.4.1.25623.1.0.867519 1.3.6.1.4.1.25623.1.0.702856 1.3.6.1.4.1.25623.1.0.871200 1.3.6.1.4.1.25623.1.0.881960 1.3.6.1.4.1.25623.1.0.702897 1.3.6.1.4.1.25623.1.0.120359 1.3.6.1.4.1.25623.1.0.123384 1.3.6.1.4.1.25623.1.0.850747 1.3.6.1.4.1.25623.1.1.4.2014.0548.1
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0050 BugTraq ID: 65400 http://www.securityfocus.com/bid/65400 Bugtraq: 20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library (Google Search) http://www.securityfocus.com/archive/1/532549/100/0/threaded Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-2856 (Google Search) http://www.debian.org/security/2014/dsa-2856 http://seclists.org/fulldisclosure/2014/Dec/23 https://security.gentoo.org/glsa/202107-39 HPdes Security Advisory: HPSBGN03329 http://marc.info/?l=bugtraq&m=143136844732487&w=2 http://jvn.jp/en/jp/JVN14876762/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017 http://www.mandriva.com/security/advisories?name=MDVSA-2015:084 http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E RedHat Security Advisories: RHSA-2014:0252 http://rhn.redhat.com/errata/RHSA-2014-0252.html RedHat Security Advisories: RHSA-2014:0253 http://rhn.redhat.com/errata/RHSA-2014-0253.html RedHat Security Advisories: RHSA-2014:0400 http://rhn.redhat.com/errata/RHSA-2014-0400.html http://secunia.com/advisories/57915 http://secunia.com/advisories/58075 http://secunia.com/advisories/58976 http://secunia.com/advisories/59039 http://secunia.com/advisories/59041 http://secunia.com/advisories/59183 http://secunia.com/advisories/59184 http://secunia.com/advisories/59185 http://secunia.com/advisories/59187 http://secunia.com/advisories/59232 http://secunia.com/advisories/59399 http://secunia.com/advisories/59492 http://secunia.com/advisories/59500 http://secunia.com/advisories/59725 http://secunia.com/advisories/60475 http://secunia.com/advisories/60753 http://www.ubuntu.com/usn/USN-2130-1