Apache Commons FileUpload -- denial of service (DoS) vulnerability
Mark Thomas reports:
CVE-2016-3092 is a denial of service vulnerability that has been
corrected in the Apache Commons FileUpload component. It occurred
when the length of the multipart boundary was just below the size of
the buffer (4096 bytes) used to read the uploaded file. This caused
the file upload process to take several orders of magnitude longer
than if the boundary length was the typical tens of bytes.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright