Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:APACHE:CVE-2018-1339-DOS |
|---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apache Tika Chmparser Denial Of Service |
Release Date |
2018/05/15 |
Update Number |
3065 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Apache Tika Chmparser Denial Of Service
This signature detects attempts to exploit a known vulnerability against Apache Tika Chmparser. A successful attack can result in a denial-of-service condition
Extended Description
A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.
Affected Products
- Apache tika 0.1
- Apache tika 0.10
- Apache tika 0.2
- Apache tika 0.3
- Apache tika 0.4
- Apache tika 0.5
- Apache tika 0.6
- Apache tika 0.7
- Apache tika 0.8
- Apache tika 0.9
- Apache tika 1.0
- Apache tika 1.1
- Apache tika 1.10
- Apache tika 1.11
- Apache tika 1.12
- Apache tika 1.13
- Apache tika 1.14
- Apache tika 1.15
- Apache tika 1.16
- Apache tika 1.17
- Apache tika 1.2
- Apache tika 1.3
- Apache tika 1.4
- Apache tika 1.5
- Apache tika 1.6
- Apache tika 1.7
- Apache tika 1.8
- Apache tika 1.9
References
- CVE: CVE-2018-1339