← volver
CVE-2016-3092

CVE-2016-3092

EPSS 35.9%
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121http://jvn.jp/en/jp/JVN89379547/index.htmlhttp://lists.opensuse.org/opensuse-updates/2016-09/msg00025.htmlhttp://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3Ehttp://rhn.redhat.com/errata/RHSA-2016-2068.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2069.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2070.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2071.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2072.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2599.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2807.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2808.html