CVE-2016-3092: Input Validation
First published: Thu Jun 23 2016(Updated: )
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/commons-fileupload:commons-fileupload | <1.3.2 | 1.3.2 |
| HP IceWall Identity Manager | =5.0 | |
| HP IceWall SSO Agent Option | =10.0 | |
| Apache Tomcat | =9.0.0-milestone1 | |
| Apache Tomcat | =9.0.0-milestone3 | |
| Apache Tomcat | =9.0.0-milestone4 | |
| Apache Tomcat | =9.0.0-milestone6 | |
| Apache Tomcat | =8.0.0-rc1 | |
| Apache Tomcat | =8.0.0-rc10 | |
| Apache Tomcat | =8.0.0-rc2 | |
| Apache Tomcat | =8.0.0-rc5 | |
| Apache Tomcat | =8.0.1 | |
| Apache Tomcat | =8.0.3 | |
| Apache Tomcat | =8.0.5 | |
| Apache Tomcat | =8.0.8 | |
| Apache Tomcat | =8.0.11 | |
| Apache Tomcat | =8.0.12 | |
| Apache Tomcat | =8.0.14 | |
| Apache Tomcat | =8.0.15 | |
| Apache Tomcat | =8.0.17 | |
| Apache Tomcat | =8.0.18 | |
| Apache Tomcat | =8.0.20 | |
| Apache Tomcat | =8.0.21 | |
| Apache Tomcat | =8.0.22 | |
| Apache Tomcat | =8.0.23 | |
| Apache Tomcat | =8.0.24 | |
| Apache Tomcat | =8.0.26 | |
| Apache Tomcat | =8.0.27 | |
| Apache Tomcat | =8.0.28 | |
| Apache Tomcat | =8.0.29 | |
| Apache Tomcat | =8.0.30 | |
| Apache Tomcat | =8.0.32 | |
| Apache Tomcat | =8.0.33 | |
| Apache Tomcat | =8.0.35 | |
| Debian Debian Linux | =8.0 | |
| Apache Tomcat | =8.5.0 | |
| Apache Tomcat | =8.5.2 | |
| Apache Commons FileUpload | <=1.3.1 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.10 | |
| Canonical Ubuntu Linux | =16.04 | |
| Apache Tomcat | =7.0.0 | |
| Apache Tomcat | =7.0.0-beta | |
| Apache Tomcat | =7.0.1 | |
| Apache Tomcat | =7.0.2 | |
| Apache Tomcat | =7.0.2-beta | |
| Apache Tomcat | =7.0.4 | |
| Apache Tomcat | =7.0.4-beta | |
| Apache Tomcat | =7.0.5 | |
| Apache Tomcat | =7.0.5-beta | |
| Apache Tomcat | =7.0.6 | |
| Apache Tomcat | =7.0.8 | |
| Apache Tomcat | =7.0.10 | |
| Apache Tomcat | =7.0.11 | |
| Apache Tomcat | =7.0.12 | |
| Apache Tomcat | =7.0.14 | |
| Apache Tomcat | =7.0.16 | |
| Apache Tomcat | =7.0.19 | |
| Apache Tomcat | =7.0.20 | |
| Apache Tomcat | =7.0.21 | |
| Apache Tomcat | =7.0.22 | |
| Apache Tomcat | =7.0.23 | |
| Apache Tomcat | =7.0.25 | |
| Apache Tomcat | =7.0.26 | |
| Apache Tomcat | =7.0.27 | |
| Apache Tomcat | =7.0.28 | |
| Apache Tomcat | =7.0.29 | |
| Apache Tomcat | =7.0.30 | |
| Apache Tomcat | =7.0.32 | |
| Apache Tomcat | =7.0.33 | |
| Apache Tomcat | =7.0.34 | |
| Apache Tomcat | =7.0.35 | |
| Apache Tomcat | =7.0.37 | |
| Apache Tomcat | =7.0.39 | |
| Apache Tomcat | =7.0.40 | |
| Apache Tomcat | =7.0.41 | |
| Apache Tomcat | =7.0.42 | |
| Apache Tomcat | =7.0.47 | |
| Apache Tomcat | =7.0.50 | |
| Apache Tomcat | =7.0.52 | |
| Apache Tomcat | =7.0.53 | |
| Apache Tomcat | =7.0.54 | |
| Apache Tomcat | =7.0.55 | |
| Apache Tomcat | =7.0.56 | |
| Apache Tomcat | =7.0.57 | |
| Apache Tomcat | =7.0.59 | |
| Apache Tomcat | =7.0.61 | |
| Apache Tomcat | =7.0.62 | |
| Apache Tomcat | =7.0.63 | |
| Apache Tomcat | =7.0.64 | |
| Apache Tomcat | =7.0.65 | |
| Apache Tomcat | =7.0.67 | |
| Apache Tomcat | =7.0.68 | |
| Apache Tomcat | =7.0.69 | |
| Apache Tomcat | =9.0.0-m1 | |
| Apache Tomcat | =9.0.0-m3 | |
| Apache Tomcat | =9.0.0-m4 | |
| Apache Tomcat | =9.0.0-m6 | |
| redhat/tomcat | <7.0.70 | 7.0.70 |
| redhat/tomcat | <8.5.3 | 8.5.3 |
| redhat/tomcat | <8.0.36 | 8.0.36 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2016-3092
- https://access.redhat.com/errata/RHSA-2017:0455
- https://access.redhat.com/errata/RHSA-2017:0456
- https://bugzilla.redhat.com/show_bug.cgi?id=1349468
- https://github.com/advisories/GHSA-fvm3-cfvj-gxqq (Advisory)
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
- https://security.gentoo.org/glsa/201705-09
- https://security.netapp.com/advisory/ntap-20190212-0001/
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- http://jvn.jp/en/jp/JVN89379547/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html
- http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E
- http://rhn.redhat.com/errata/RHSA-2016-2068.html
- http://rhn.redhat.com/errata/RHSA-2016-2069.html
- http://rhn.redhat.com/errata/RHSA-2016-2070.html
- http://rhn.redhat.com/errata/RHSA-2016-2071.html
- http://rhn.redhat.com/errata/RHSA-2016-2072.html
- http://rhn.redhat.com/errata/RHSA-2016-2599.html
- http://rhn.redhat.com/errata/RHSA-2016-2807.html
- http://rhn.redhat.com/errata/RHSA-2016-2808.html
- http://rhn.redhat.com/errata/RHSA-2017-0457.html
- http://svn.apache.org/viewvc?view=revision&revision=1743480
- http://svn.apache.org/viewvc?view=revision&revision=1743722
- http://svn.apache.org/viewvc?view=revision&revision=1743738
- http://svn.apache.org/viewvc?view=revision&revision=1743742
- http://tomcat.apache.org/security-7.html
- http://tomcat.apache.org/security-8.html
- http://tomcat.apache.org/security-9.html
- http://www.debian.org/security/2016/dsa-3609
- http://www.debian.org/security/2016/dsa-3611
- http://www.debian.org/security/2016/dsa-3614
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.ubuntu.com/usn/USN-3024-1
- http://www.ubuntu.com/usn/USN-3027-1
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://security.gentoo.org/glsa/202107-39
- https://web.archive.org/web/20160726114129/http://www.securitytracker.com/id/1036427
- https://web.archive.org/web/20160924080828/http://www.securityfocus.com/bid/91453
- https://web.archive.org/web/20170317103106/http://www.securitytracker.com/id/1037029
- https://web.archive.org/web/20171103224941/http://www.securitytracker.com/id/1036900
- https://web.archive.org/web/20171111060434/http://www.securitytracker.com/id/1039606
- http://www.securityfocus.com/bid/91453
- http://www.securitytracker.com/id/1036427
- http://www.securitytracker.com/id/1036900
- http://www.securitytracker.com/id/1037029
- http://www.securitytracker.com/id/1039606
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1349469
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1349470
- https://access.redhat.com/articles/112673
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1349468#c8
- https://rhn.redhat.com/errata/RHSA-2016-2071.html
- https://rhn.redhat.com/errata/RHSA-2016-2070.html
- https://rhn.redhat.com/errata/RHSA-2016-2069.html
- https://rhn.redhat.com/errata/RHSA-2016-2068.html
- https://rhn.redhat.com/errata/RHSA-2016-2072.html
- https://rhn.redhat.com/errata/RHSA-2016-2599.html
- https://rhn.redhat.com/errata/RHSA-2016-2808.html
- https://rhn.redhat.com/errata/RHSA-2016-2807.html
- https://rhn.redhat.com/errata/RHSA-2017-0457.html
- collector/nvd-index
- collector/nvd-api
- collector/github-advisory-latest
- alias/GHSA-fvm3-cfvj-gxqq
- alias/CVE-2016-3092
- collector/nvd-cve
- collector/github-advisory
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- agent/references
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/hp
- canonical/hp icewall identity manager
- version/hp icewall identity manager/5.0
- canonical/hp icewall sso agent option
- version/hp icewall sso agent option/10.0
- vendor/apache
- canonical/apache tomcat
- version/apache tomcat/9.0.0-m1
- version/apache tomcat/9.0.0-m3
- version/apache tomcat/9.0.0-m4
- version/apache tomcat/9.0.0-m6
- version/apache tomcat/8.0.0-rc1
- version/apache tomcat/8.0.0-rc10
- version/apache tomcat/8.0.0-rc2
- version/apache tomcat/8.0.0-rc5
- version/apache tomcat/8.0.1
- version/apache tomcat/8.0.3
- version/apache tomcat/8.0.5
- version/apache tomcat/8.0.8
- version/apache tomcat/8.0.11
- version/apache tomcat/8.0.12
- version/apache tomcat/8.0.14
- version/apache tomcat/8.0.15
- version/apache tomcat/8.0.17
- version/apache tomcat/8.0.18
- version/apache tomcat/8.0.20
- version/apache tomcat/8.0.21
- version/apache tomcat/8.0.22
- version/apache tomcat/8.0.23
- version/apache tomcat/8.0.24
- version/apache tomcat/8.0.26
- version/apache tomcat/8.0.27
- version/apache tomcat/8.0.28
- version/apache tomcat/8.0.29
- version/apache tomcat/8.0.30
- version/apache tomcat/8.0.32
- version/apache tomcat/8.0.33
- version/apache tomcat/8.0.35
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/apache tomcat/8.5.0
- version/apache tomcat/8.5.2
- canonical/apache commons fileupload
- version/apache commons fileupload/1.3.1
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.10
- version/canonical ubuntu linux/16.04
- version/apache tomcat/7.0.0
- version/apache tomcat/7.0.0-beta
- version/apache tomcat/7.0.1
- version/apache tomcat/7.0.2
- version/apache tomcat/7.0.2-beta
- version/apache tomcat/7.0.4
- version/apache tomcat/7.0.4-beta
- version/apache tomcat/7.0.5
- version/apache tomcat/7.0.5-beta
- version/apache tomcat/7.0.6
- version/apache tomcat/7.0.8
- version/apache tomcat/7.0.10
- version/apache tomcat/7.0.11
- version/apache tomcat/7.0.12
- version/apache tomcat/7.0.14
- version/apache tomcat/7.0.16
- version/apache tomcat/7.0.19
- version/apache tomcat/7.0.20
- version/apache tomcat/7.0.21
- version/apache tomcat/7.0.22
- version/apache tomcat/7.0.23
- version/apache tomcat/7.0.25
- version/apache tomcat/7.0.26
- version/apache tomcat/7.0.27
- version/apache tomcat/7.0.28
- version/apache tomcat/7.0.29
- version/apache tomcat/7.0.30
- version/apache tomcat/7.0.32
- version/apache tomcat/7.0.33
- version/apache tomcat/7.0.34
- version/apache tomcat/7.0.35
- version/apache tomcat/7.0.37
- version/apache tomcat/7.0.39
- version/apache tomcat/7.0.40
- version/apache tomcat/7.0.41
- version/apache tomcat/7.0.42
- version/apache tomcat/7.0.47
- version/apache tomcat/7.0.50
- version/apache tomcat/7.0.52
- version/apache tomcat/7.0.53
- version/apache tomcat/7.0.54
- version/apache tomcat/7.0.55
- version/apache tomcat/7.0.56
- version/apache tomcat/7.0.57
- version/apache tomcat/7.0.59
- version/apache tomcat/7.0.61
- version/apache tomcat/7.0.62
- version/apache tomcat/7.0.63
- version/apache tomcat/7.0.64
- version/apache tomcat/7.0.65
- version/apache tomcat/7.0.67
- version/apache tomcat/7.0.68
- version/apache tomcat/7.0.69
- version/apache tomcat/9.0.0-milestone1
- version/apache tomcat/9.0.0-milestone3
- version/apache tomcat/9.0.0-milestone4
- version/apache tomcat/9.0.0-milestone6
- package-manager/maven
- package-manager/redhat