CVE-2016-6809

CRITICAL

Apache Tika < 1.13 - Insecure Deserialization

Title source: rule

Description

Apache Tika before 1.14 allows Java code execution via serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO, which performs native Java deserialization of the embedded objects.

Exploits (2)

nomisec STUB
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2016-6809-tika-vulnerable
nomisec STUB
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2016-6809-tika-vulnerable

Scores

CVSS v3 9.8
EPSS 0.0705
EPSS Percentile 91.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-502
Status published
Products (3)
apache/nutch 2.3.1
apache/tika < 1.13
org.apache.tika/tika-core 0 - 1.14 (Maven)
Published Apr 06, 2017
Tracked Since Feb 18, 2026