[CONFSERVER-22069] Profile picture thumbnail generation can consume unlimited amount of memory

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 5.1.4
Affects Version/s: 2.7, 4.2.2, 4.2.6
Component/s: None
Labels:

CVSS Score:
6.8
Bug Fix Policy:
View Atlassian Server bug fix policy

Discovered a Studio customer, you can upload a very large profile picture to expose the same problem as ~~CONF-21480~~, just in a different area of the application.

We should limit the size of images we're willing to load into memory to avoid this problem with user pictures.

blocks

CONFCLOUD-54200 UploadAttachmentsAction XSRF

Closed

relates to

CONFSERVER-21480 Fix the Thumbnail rendering that fails for transparent images (PNG/GIF) and for certain images with embedded color profiles (CMMException)

Closed

mentioned in: Wiki Page Loading...; Wiki Page Loading...; Wiki Page Loading...

David Black added a comment - 28/May/2012 4:58 AM

It is possible to use the xml-rpc api to upload an image of any size as a user's profile picture. This was tested against an ondemand fireball-144 instance.

David Black added a comment - 28/May/2012 4:58 AM It is possible to use the xml-rpc api to upload an image of any size as a user's profile picture. This was tested against an ondemand fireball-144 instance.

VitalyA added a comment - 24/Apr/2012 5:44 AM

dblack to verify scope.

VitalyA added a comment - 24/Apr/2012 5:44 AM dblack to verify scope.

David Black added a comment - 08/Mar/2012 5:10 AM - edited

CVSS score: 6.8 => High severity

Exploitability Metrics

AccessVector	Network
AccessComplexity	Low
Authentication	Single Instance

Impact Metrics

ConfImpact	None
IntegImpact	None
AvailImpact	Complete

See https://extranet.atlassian.com/display/SECCOUNCIL/How+to+evaluate+vulnerability+severity+under+CVSS for details and http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2 for score calculator.

David Black added a comment - 08/Mar/2012 5:10 AM - edited CVSS score: 6.8 => High severity Exploitability Metrics AccessVector Network AccessComplexity Low Authentication Single Instance Impact Metrics ConfImpact None IntegImpact None AvailImpact Complete See https://extranet.atlassian.com/display/SECCOUNCIL/How+to+evaluate+vulnerability+severity+under+CVSS for details and http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2 for score calculator.

Assignee:: edith (Inactive)

Reporter:: Matt Ryall

Affected customers:: 0 This affects my team

Watchers:: 6 Start watching this issue

Created:: 23/Mar/2011 2:52 AM

Updated:: 11/Oct/2018 8:41 AM

Resolved:: 15/May/2013 1:17 AM

Details

Description

Attachments

Issue Links

Forms

Activity

Collapse comment: David Black added a comment - 28/May/2012 4:58 AM

Expand comment: David Black added a comment - 28/May/2012 4:58 AM

Collapse comment: VitalyA added a comment - 24/Apr/2012 5:44 AM

Expand comment: VitalyA added a comment - 24/Apr/2012 5:44 AM

Collapse comment: David Black added a comment - 08/Mar/2012 5:10 AM, Edited by David Black - 23/Mar/2012 1:48 AM

Expand comment: David Black added a comment - 08/Mar/2012 5:10 AM, Edited by David Black - 23/Mar/2012 1:48 AM

People

Dates