Lucene search

CVE-2013-2186

🗓️ 28 Oct 2013 21:05:55Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 168 Views

The DiskFileItem class in Apache Commons FileUpload allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 76
Tenable Nessus	RHEL 6 : jakarta-commons-fileupload (RHSA-2013:1428)	8 Nov 201400:00	–	nessus
Tenable Nessus	openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2013:1571-1)	13 Jun 201400:00	–	nessus
Tenable Nessus	Debian DSA-2827-1 : libcommons-fileupload-java - arbitrary file upload via deserialization	24 Dec 201300:00	–	nessus
Tenable Nessus	SuSE 11.2 / 11.3 Security Update : jakarta-commons-fileupload (SAT Patch Numbers 8445 / 8446)	13 Nov 201300:00	–	nessus
Tenable Nessus	Ubuntu 10.04 LTS : libcommons-fileupload-java vulnerability (USN-2029-1)	13 Nov 201300:00	–	nessus
Tenable Nessus	Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities	4 Nov 201400:00	–	nessus
Tenable Nessus	FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)	2 Oct 201400:00	–	nessus
Tenable Nessus	RHEL 7 : openshift (RHSA-2016:0070)	6 Dec 201800:00	–	nessus
F5 Networks	K63443590 : Apache Commons FileUpload vulnerability CVE-2013-2186	21 Jan 201600:00	–	f5
F5 Networks	SOL63443590 - Apache Commons FileUpload vulnerability CVE-2013-2186	21 Jan 201600:00	–	f5

Nvd

Node

redhat jboss_enterprise_brms_platformMatch5.3.1

redhat jboss_enterprise_portal_platformMatch4.3.0cp07

redhat jboss_enterprise_portal_platformMatch5.2.2

redhat jboss_enterprise_portal_platformMatch6.0.0

redhat jboss_enterprise_web_serverMatch1.0.2

redhat openshiftRange≤3.1enterprise

Node

ubuntu ubuntuMatch10.04lts

Source	Link
rhn	www.rhn.redhat.com/errata/RHSA-2013-1429.html
rhn	www.rhn.redhat.com/errata/RHSA-2013-1428.html
oracle	www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
oracle	www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
ubuntu	www.ubuntu.com/usn/usn-2029-1
rhn	www.rhn.redhat.com/errata/RHSA-2013-1448.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/88133
secunia	www.secunia.com/advisories/55716
rhn	www.rhn.redhat.com/errata/RHSA-2013-1442.html
rhn	www.rhn.redhat.com/errata/RHSA-2013-1430.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Oct 2013 21:55Current

7.8High risk

Vulners AI Score7.8

CVSS27.5

EPSS0.91232

CWE-20