CVE-2018-1339 - Vulnerability Details - OpenCVE

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Tika
Redhat	Jboss Fuse

Configuration 1 [-]

cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat JBoss Fuse 7
camel-tika	cpe:/a:redhat:jboss_fuse:7	RHSA-2018:2669	2018-09-11T00:00:00Z

References

Link	Providers
https://access.redhat.com/errata/RHSA-2018:2669
https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2018-1339
https://www.cve.org/CVERecord?id=CVE-2018-1339

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2018-04-25T21:00:00Z

Updated: 2024-09-16T17:14:39.308Z

Reserved: 2017-12-07T00:00:00

Link: CVE-2018-1339

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-04-25T21:29:00.420

Modified: 2024-11-21T03:59:39.397

Link: CVE-2018-1339

Redhat

Severity : Moderate

Publid Date: 2018-04-25T00:00:00Z

Links: CVE-2018-1339 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "Apache Tika", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "< 1.18"}]}], "datePublic": "2018-04-25T00:00:00", "descriptions": [{"lang": "en", "value": "A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18."}], "problemTypes": [{"descriptions": [{"description": "Denial Of Service Vulnerability -- infinite loop", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-12T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "RHSA-2018:2669", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"name": "[dev] 20180425 [CVE-2018-1339] DoS (Infinite Loop) Vulnerability in Apache Tika's ChmParser", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2018-04-25T00:00:00", "ID": "CVE-2018-1339", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Tika", "version": {"version_data": [{"version_value": "< 1.18"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial Of Service Vulnerability -- infinite loop"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:2669", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"name": "[dev] 20180425 [CVE-2018-1339] DoS (Infinite Loop) Vulnerability in Apache Tika's ChmParser", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:59:38.420Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2018:2669", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"name": "[dev] 20180425 [CVE-2018-1339] DoS (Infinite Loop) Vulnerability in Apache Tika's ChmParser", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-1339", "datePublished": "2018-04-25T21:00:00Z", "dateReserved": "2017-12-07T00:00:00", "dateUpdated": "2024-09-16T17:14:39.308Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EFBC1D4-A672-40D9-BCF8-7AC016D6F1BF", "versionEndExcluding": "1.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18."}, {"lang": "es", "value": "Un archivo cuidadosamente manipulado (o fuzzeado) puede desencadenar un bucle infinito en ChmParser en las versiones anteriores a la 1.18 de Apache Tika."}], "id": "CVE-2018-1339", "lastModified": "2024-11-21T03:59:39.397", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-25T21:29:00.420", "references": [{"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:2669", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "camel-tika", "product_name": "Red Hat JBoss Fuse 7", "release_date": "2018-09-11T00:00:00Z"}], "bugzilla": {"description": "tika: Infinite loop in ChmParser can allow remote attacker to cause a denial of service", "id": "1572424", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572424"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-835", "details": ["A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18."], "name": "CVE-2018-1339", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:6", "fix_state": "Not affected", "package_name": "tika-core", "product_name": "Red Hat BPM Suite 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:5", "fix_state": "Out of support scope", "package_name": "tika-core", "product_name": "Red Hat JBoss BRMS 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:6", "fix_state": "Not affected", "package_name": "tika-core", "product_name": "Red Hat JBoss BRMS 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Will not fix", "package_name": "tika-core", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:fuse_integration_services:2", "fix_state": "Not affected", "package_name": "tika-core", "product_name": "Red Hat JBoss Fuse Integration Service 2"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Not affected", "package_name": "tika-core", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:network_satellite:5", "fix_state": "Will not fix", "impact": "low", "package_name": "tika", "product_name": "Red Hat Satellite 5"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-eclipse46-tika", "product_name": "Red Hat Software Collections"}], "public_date": "2018-04-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-1339\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1339\nhttps://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E"], "statement": "This issue affects the versions of tika which is embedded in the nutch package as shipped with Red Hat Satellite 5. The tika server is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Moderate"}