Hi,
We are using Tomcat 7.0.40 as web server. It deploys a REST based(Jersey)
web application where few requests are multipart requests. These requests
accept byte array input.
We tried to reproduce this vulnerability by sending more than 4091
characters in the boundary field. The request failed
From: Aditi Sinha [mailto:adisinha0...@gmail.com]
Subject: Need info on CVE-2014-0050
We are using Tomcat 7.0.40 as web server.
How can we confirm if our application is vulnerable or not to CVE-2014-0050?
Read the relevant security pages:
http://tomcat.apache.org/security-7.html
http
Thanks Chuck. We are not using Apache Commons FileUpload or Tomcat's
implementation of FileUpload.