CVE-2018-11771
apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip
Descriptions
When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress' zip package.
Timeline
- 2018-06-05 CVE Reserved
- 2018-08-16 CVE Published
- 2023-11-08 EPSS Updated
- 2024-09-16 CVE Updated
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
References (19)

URL | Date | SRC
---|---|---
https://www.oracle.com/security-alerts/cpujan2022.html | 2023-11-07 |
https://access.redhat.com/security/cve/CVE-2018-11771 | 2020-03-26 |
https://bugzilla.redhat.com/show_bug.cgi?id=1618573 | 2020-03-26 |
Affected Vendors, Products, and Versions

Vendor | Product | Version | Other | Status
---|---|---|---|---
Apache | Commons Compress | >= 1.7.0 <= 1.17.0 | - | Affected
Oracle | Weblogic Server | 14.1.1.0.0 | - | Affected