7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVEID: CVE-2014-0050
Apache Commons FileUpload and Tomcat are vulnerable to a denial of service
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
IBM Content Manager Services for Lotus Quickr 1.0 and 1.1
Go to www.ibm.com/support/fixcentral , search for “Content Manager Services for Lotus Quickr,” and apply the fixes below:
Version 1.0: Upgrade to version 1.1 and apply 1.1.0.3-CMQS-IF002
Version 1.1: Apply 1.1.0.3-CMQS-IF002
None