PT-2014-2568 · Vendors: Apache, Red Hat · Products: Apache Tomcat, Red Hat JBoss Enterprise Application Platform, Red Hat JBoss Portal

David Jorm

·

Published

2014-01-19

·

Updated

2024-08-06

·

CVE-2013-2185

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Apache Tomcat versions prior to 7.0.39
Red Hat JBoss Enterprise Application Platform 6.1.0
Red Hat JBoss Portal 6.0.0
Description

The readObject method of the DiskFileItem class (the Apache Commons FileUpload class bundled in Apache Tomcat and JBoss Web) allows remote attackers to write to arbitrary files via a NULL byte in a file name carried in a serialized instance. Deserializing an attacker-supplied DiskFileItem causes its cached content to be written to a temporary file under the repository path stored in the object; a NULL byte in that path lets the attacker choose the target file and its content. On an application server, an arbitrary file write of this kind is commonly turned into code execution, which is why the entry is tagged RCE. The issue is related to CVE-2013-2186, the same defect in the upstream Commons FileUpload library. Responsibility for it is disputed: the Apache Tomcat team does not consider it a Tomcat vulnerability, because Tomcat never deserializes DiskFileItem objects from untrusted sources and the exposure therefore lies with any application that deserializes attacker-controlled data; Red Hat treats it as a vulnerability in the bundled class and tracks it under this CVE.
Recommendations

For Apache Tomcat versions prior to 7.0.39, update to 7.0.39 or later, which carries the corrected DiskFileItem.readObject. For Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, apply the Red Hat errata that addresses this CVE for the product in use (RHSA-2013:1193 is listed under Related Identifiers). Until the update is applied, the only effective workaround is at the deserialization boundary: Java serialization offers no way to "disable" readObject on a library class, so any code path that reads ObjectInputStream data from an untrusted source should restrict the classes it accepts (a resolveClass allowlist, or an ObjectInputFilter on Java 9 and the 8u121 backport) and must reject DiskFileItem and other file-backed types. Verify the fix by confirming the deployed Tomcat or JBoss Web version and, for application code, by confirming that no endpoint deserializes untrusted input without such a filter.

Fix

RCE

Weakness Enumeration

Deserialization of Untrusted Data (CWE-502)

Related Identifiers

CVE-2013-2185
GHSA-v6c7-8qx5-8gmp
RHSA-2013:1193

Affected Products

Apache Tomcat
Red Hat JBoss Enterprise Application Platform
Red Hat JBoss Portal