| शीर्षक | PublicCMS V6.202506.d Improper Handling of Highly Compressed Data (Data Amplification) |
|---|
| विवरण | PublicCMS (up to version [V6.202506.d]) is vulnerable to a Denial of Service (DoS) attack via a "ZIP Bomb" during document processing. In common/src/main/java/com/publiccms/common/tools/DocToHtmlUtils.java at line 94, the application explicitly disables the security threshold for compressed data expansion by calling ZipSecureFile.setMinInflateRatio(0), which bypasses the default protection of the Apache POI library. This vulnerable conversion logic is reachable via the administrative file import interface (docx/xlsx/ppt/pptx) defined in core/src/main/java/com/publiccms/controller/admin/sys/FileAdminController.java at lines 171-176 and 191-230. An authenticated attacker can upload a specially crafted malicious compressed document, triggering extreme CPU and memory consumption that leads to server instability or a complete crash. |
|---|
| उपयोगकर्ता | LeyNn3H (UID 97009) |
|---|
| सबमिशन | 01/04/2026 06:42 PM (2 महीनों पहले) |
|---|
| संयम | 21/04/2026 04:35 PM (20 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 358491 [Sanluan PublicCMS तक 6.202506.d DocToHtmlUtils.java ZipSecureFile.setMinflateRatio सेवा अस्वीकार] |
|---|
| अंक | 17 |
|---|