Apache Tika 1.13 Code Execution

2016.11.11
Credit: Pierre Ernst
Risk: High
Local: No
Remote: Yes
CWE: CWE-502


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

CVE-2016-6809: Arbitrary Code Execution Vulnerability in Apache Tika's MATLAB Parser

Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: 1.6-1.13

Description: Apache Tika wraps the jmatio parser (https://github.com/gradusnikov/jmatio) to handle MATLAB files. The parser uses native deserialization on serialized Java objects embedded in MATLAB files. A malicious user could inject arbitrary code into a MATLAB file that would be executed when the object is deserialized.

Mitigation: Turn off MATLAB file parsing or upgrade to Tika 1.14.

Credit: Pierre Ernst of salesforce.com discovered this issue and contributed to the fix.
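The advisory's mitigation is to stop feeding MATLAB files to the vulnerable parser or to upgrade. For deployments that cannot immediately do either, a defender can at least refuse .mat uploads that carry a Java serialization stream before they reach any MAT parser. The script below is an added example written for this page; it is not Tika or jmatio code. It assumes that the embedded Java objects the advisory describes are ordinary java.io.ObjectOutputStream streams, which always begin with the magic bytes AC ED 00 05, and it checks the fixed 128-byte MAT v5 header (descriptive text, version 0x0100, endian indicator "IM"/"MI") before scanning. The sample files are constructed inline, not real captures.

```python
"""Defensive pre-check for MATLAB .mat files before they reach a MAT parser.

Added example for CVE-2016-6809, not Tika or jmatio code.
Assumption: embedded Java objects are plain ObjectOutputStream streams,
so they start with the serialization magic AC ED 00 05.
Sample inputs below are constructed, not real files."""
import struct

MAT5_HEADER_TEXT = b"MATLAB 5.0 MAT-file"   # first bytes of a MAT v5 header
MAT5_HEADER_LEN = 128                        # MAT v5 header is a fixed 128 bytes
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"       # java.io.ObjectOutputStream stream magic
MI_MATRIX = 14                               # MAT v5 element type for an array


def is_mat5(data: bytes) -> bool:
    """True if the buffer carries a well-formed MAT v5 header (text, version, endian tag)."""
    if len(data) < MAT5_HEADER_LEN or not data.startswith(MAT5_HEADER_TEXT):
        return False
    endian = data[126:128]                   # b"IM" (little-endian) or b"MI" (big-endian)
    if endian not in (b"IM", b"MI"):
        return False
    fmt = "<H" if endian == b"IM" else ">H"
    version = struct.unpack(fmt, data[124:126])[0]
    return version == 0x0100


def find_java_streams(data: bytes) -> list:
    """Offsets of every Java serialization magic found after the fixed header."""
    offsets = []
    pos = data.find(JAVA_SERIAL_MAGIC, MAT5_HEADER_LEN)
    while pos != -1:
        offsets.append(pos)
        pos = data.find(JAVA_SERIAL_MAGIC, pos + 1)
    return offsets


def assess(data: bytes) -> dict:
    """Classify a buffer: 'not-mat5', 'reject' (Java stream present) or 'allow'."""
    if not is_mat5(data):
        return {"is_mat5": False, "java_stream_offsets": [], "verdict": "not-mat5"}
    offsets = find_java_streams(data)
    return {"is_mat5": True, "java_stream_offsets": offsets,
            "verdict": "reject" if offsets else "allow"}


def safe_to_parse(data: bytes) -> bool:
    """Gate to place in front of the MATLAB parser: only clean MAT v5 files pass."""
    return assess(data)["verdict"] == "allow"


# --- constructed sample inputs (not real files) ----------------------------
def make_mat5_header() -> bytes:
    text = MAT5_HEADER_TEXT.ljust(116, b" ")  # 116-byte descriptive text field
    subsys_offset = b"\x00" * 8               # subsystem data offset, unused here
    version = struct.pack("<H", 0x0100)       # version 0x0100, little-endian
    return text + subsys_offset + version + b"IM"


def make_element(payload: bytes) -> bytes:
    """One MAT v5 data element: 8-byte tag (type, byte count) then the payload."""
    return struct.pack("<II", MI_MATRIX, len(payload)) + payload


BENIGN_MAT = make_mat5_header() + make_element(b"\x00" * 16)

# Constructed: an element whose body carries a Java serialization stream header.
SUSPECT_MAT = make_mat5_header() + make_element(
    b"java" + JAVA_SERIAL_MAGIC + b"\x73\x72")  # TC_OBJECT, TC_CLASSDESC follow the magic


if __name__ == "__main__":
    for name, blob in (("benign", BENIGN_MAT), ("suspect", SUSPECT_MAT), ("text", b"hello")):
        print(name, assess(blob))
```

Treat this as a stopgap rather than the fix: the four magic bytes can in principle occur inside legitimate numeric array data, so a rejection is worth a manual look, and a MAT parser that still deserializes embedded objects remains exposed to anything the heuristic misses. Disabling MATLAB parsing or upgrading to Tika 1.14, as the advisory states, is what removes the deserialization path.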



Copyright 2025, cxsecurity.com
