CVE-2016-3092

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

CVSS v3.0 7.5 HIGH
CVSS v2.0 7.8 HIGH

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1349468	Issue Tracking
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121	VDB Entry Vendor Advisory
http://svn.apache.org/viewvc?view=revision&revision=1743480
http://svn.apache.org/viewvc?view=revision&revision=1743738	Vendor Advisory
http://tomcat.apache.org/security-8.html	Vendor Advisory
http://tomcat.apache.org/security-9.html	Vendor Advisory
http://tomcat.apache.org/security-7.html	Vendor Advisory
http://jvn.jp/en/jp/JVN89379547/index.html	Vendor Advisory
http://svn.apache.org/viewvc?view=revision&revision=1743722	Vendor Advisory
http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E	Mailing List
http://svn.apache.org/viewvc?view=revision&revision=1743742	Vendor Advisory
http://www.debian.org/security/2016/dsa-3614	Third Party Advisory
http://www.ubuntu.com/usn/USN-3027-1	Third Party Advisory
http://www.debian.org/security/2016/dsa-3611	Third Party Advisory
http://www.debian.org/security/2016/dsa-3609	Third Party Advisory
http://www.ubuntu.com/usn/USN-3024-1	Third Party Advisory
http://www.securityfocus.com/bid/91453	Third Party Advisory VDB Entry
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371	Patch Permissions Required Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759
http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html
https://security.gentoo.org/glsa/201705-09
http://www.securitytracker.com/id/1037029
http://www.securitytracker.com/id/1036900
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.securitytracker.com/id/1036427
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securitytracker.com/id/1039606
https://access.redhat.com/errata/RHSA-2017:0456
https://access.redhat.com/errata/RHSA-2017:0455
http://rhn.redhat.com/errata/RHSA-2017-0457.html
http://rhn.redhat.com/errata/RHSA-2016-2808.html
http://rhn.redhat.com/errata/RHSA-2016-2807.html
http://rhn.redhat.com/errata/RHSA-2016-2599.html
http://rhn.redhat.com/errata/RHSA-2016-2072.html
http://rhn.redhat.com/errata/RHSA-2016-2071.html
http://rhn.redhat.com/errata/RHSA-2016-2070.html
http://rhn.redhat.com/errata/RHSA-2016-2069.html
http://rhn.redhat.com/errata/RHSA-2016-2068.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://security.netapp.com/advisory/ntap-20190212-0001/
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://security.gentoo.org/glsa/202107-39
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:icewall_sso_agent_option:10.0:::::::*
	cpe:2.3:a:hp:icewall_identity_manager:5.0:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone3::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone4::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone6::::::

Configuration 3 (hide)

OR	cpe:2.3:a:apache:tomcat:8.0.30:::::::*
	cpe:2.3:a:apache:tomcat:8.0.17:::::::*
	cpe:2.3:a:apache:tomcat:8.0.26:::::::*
	cpe:2.3:a:apache:tomcat:8.0.20:::::::*
	cpe:2.3:a:apache:tomcat:8.0.5:::::::*
	cpe:2.3:a:apache:tomcat:8.0.1:::::::*
	cpe:2.3:a:apache:tomcat:8.0.0:rc2::::::
	cpe:2.3:a:apache:tomcat:8.0.12:::::::*
	cpe:2.3:a:apache:tomcat:8.0.27:::::::*
	cpe:2.3:a:apache:tomcat:8.0.15:::::::*
	cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
	cpe:2.3:a:apache:tomcat:8.0.22:::::::*
	cpe:2.3:a:apache:tomcat:8.0.29:::::::*
	cpe:2.3:a:apache:tomcat:8.0.11:::::::*
	cpe:2.3:a:apache:tomcat:8.0.24:::::::*
	cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
	cpe:2.3:a:apache:tomcat:8.0.23:::::::*
	cpe:2.3:a:apache:tomcat:8.0.33:::::::*
	cpe:2.3:a:apache:tomcat:8.0.21:::::::*
	cpe:2.3:a:apache:tomcat:8.0.32:::::::*
	cpe:2.3:a:apache:tomcat:8.0.18:::::::*
	cpe:2.3:a:apache:tomcat:8.0.35:::::::*
	cpe:2.3:a:apache:tomcat:8.0.3:::::::*
	cpe:2.3:a:apache:tomcat:8.0.14:::::::*
	cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
	cpe:2.3:a:apache:tomcat:8.0.8:::::::*
	cpe:2.3:a:apache:tomcat:8.0.28:::::::*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR	cpe:2.3:a:apache:tomcat:8.5.2:::::::*
	cpe:2.3:a:apache:tomcat:8.5.0:::::::*

Configuration 6 (hide)

cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*

Configuration 7 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

Configuration 8 (hide)

OR	cpe:2.3:a:apache:tomcat:7.0.2:beta::::::
	cpe:2.3:a:apache:tomcat:7.0.12:::::::*
	cpe:2.3:a:apache:tomcat:7.0.62:::::::*
	cpe:2.3:a:apache:tomcat:7.0.53:::::::*
	cpe:2.3:a:apache:tomcat:7.0.20:::::::*
	cpe:2.3:a:apache:tomcat:7.0.34:::::::*
	cpe:2.3:a:apache:tomcat:7.0.8:::::::*
	cpe:2.3:a:apache:tomcat:7.0.55:::::::*
	cpe:2.3:a:apache:tomcat:7.0.1:::::::*
	cpe:2.3:a:apache:tomcat:7.0.2:::::::*
	cpe:2.3:a:apache:tomcat:7.0.5:::::::*
	cpe:2.3:a:apache:tomcat:7.0.4:beta::::::
	cpe:2.3:a:apache:tomcat:7.0.63:::::::*
	cpe:2.3:a:apache:tomcat:7.0.22:::::::*
	cpe:2.3:a:apache:tomcat:7.0.39:::::::*
	cpe:2.3:a:apache:tomcat:7.0.26:::::::*
	cpe:2.3:a:apache:tomcat:7.0.28:::::::*
	cpe:2.3:a:apache:tomcat:7.0.59:::::::*
	cpe:2.3:a:apache:tomcat:7.0.65:::::::*
	cpe:2.3:a:apache:tomcat:7.0.0:::::::*
	cpe:2.3:a:apache:tomcat:7.0.50:::::::*
	cpe:2.3:a:apache:tomcat:7.0.6:::::::*
	cpe:2.3:a:apache:tomcat:7.0.14:::::::*
	cpe:2.3:a:apache:tomcat:7.0.11:::::::*
	cpe:2.3:a:apache:tomcat:7.0.67:::::::*
	cpe:2.3:a:apache:tomcat:7.0.23:::::::*
	cpe:2.3:a:apache:tomcat:7.0.0:beta::::::
	cpe:2.3:a:apache:tomcat:7.0.69:::::::*
	cpe:2.3:a:apache:tomcat:7.0.52:::::::*
	cpe:2.3:a:apache:tomcat:7.0.42:::::::*
	cpe:2.3:a:apache:tomcat:7.0.37:::::::*
	cpe:2.3:a:apache:tomcat:7.0.29:::::::*
	cpe:2.3:a:apache:tomcat:7.0.68:::::::*
	cpe:2.3:a:apache:tomcat:7.0.47:::::::*
	cpe:2.3:a:apache:tomcat:7.0.5:beta::::::
	cpe:2.3:a:apache:tomcat:7.0.41:::::::*
	cpe:2.3:a:apache:tomcat:7.0.30:::::::*
	cpe:2.3:a:apache:tomcat:7.0.19:::::::*
	cpe:2.3:a:apache:tomcat:7.0.16:::::::*
	cpe:2.3:a:apache:tomcat:7.0.10:::::::*
	cpe:2.3:a:apache:tomcat:7.0.25:::::::*
	cpe:2.3:a:apache:tomcat:7.0.54:::::::*
	cpe:2.3:a:apache:tomcat:7.0.35:::::::*
	cpe:2.3:a:apache:tomcat:7.0.61:::::::*
	cpe:2.3:a:apache:tomcat:7.0.57:::::::*
	cpe:2.3:a:apache:tomcat:7.0.32:::::::*
	cpe:2.3:a:apache:tomcat:7.0.21:::::::*
	cpe:2.3:a:apache:tomcat:7.0.27:::::::*
	cpe:2.3:a:apache:tomcat:7.0.40:::::::*
	cpe:2.3:a:apache:tomcat:7.0.4:::::::*
	cpe:2.3:a:apache:tomcat:7.0.56:::::::*
	cpe:2.3:a:apache:tomcat:7.0.64:::::::*
	cpe:2.3:a:apache:tomcat:7.0.33:::::::*

History

08 Dec 2023, 16:41

Type	Values Removed	Values Added
CPE	cpe:2.3:a:apache:tomcat:9.0.0:m6:::::: cpe:2.3:a:apache:tomcat:9.0.0:m1:::::: cpe:2.3:a:apache:tomcat:9.0.0:m4:::::: cpe:2.3:a:apache:tomcat:9.0.0:m3::::::	cpe:2.3:a:apache:tomcat:9.0.0:milestone1:::::: cpe:2.3:a:apache:tomcat:9.0.0:milestone3:::::: cpe:2.3:a:apache:tomcat:9.0.0:milestone4:::::: cpe:2.3:a:apache:tomcat:9.0.0:milestone6::::::

07 Nov 2023, 02:32

Type	Values Removed	Values Added
References	{'url': 'https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': [], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/', 'tags': [], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}	() https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E -

Information

Published : 2016-07-04 22:59

Updated : 2023-12-08 16:41

NVD link : CVE-2016-3092

Mitre link : CVE-2016-3092

JSON object : View

Products Affected

debian

debian_linux

canonical

ubuntu_linux

icewall_sso_agent_option
icewall_identity_manager

apache

tomcat
commons_fileupload

CWE

CWE-20

Improper Input Validation

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2016-3092

7.5^/10

7.8^/10

Attach tags to `CVE-2016-3092`