USN-2029-1: Apache Commons FileUpload vulnerability

13 November 2013

Apache Commons FileUpload could be made to overwrite files.

Releases

Packages

Details

It was discovered that Apache Commons FileUpload incorrectly handled file
names with NULL bytes in serialized instances. An attacker could use this
issue to possibly write to arbitrary files.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.04

In general, a standard system update will make all the necessary changes.

References