CVE-2013-0248

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

Published Bysecalert@redhat.com

Published DateMar 15, 2013, 20:55

Affected Versions(1)

commons-fileupload:commons-fileupload(Maven)

Introduced1.0

Fixed1.2.2

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
commons-fileupload:commons-fileupload(Maven)	1.0	1.2.2	N/A

Weakness Type (CWE):CWE-264

CVSS Metrics

Base Score

3.3

Vector String

AV:L/AC:M/Au:N/C:N/I:P/A:P

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

NONE

Integrity (I)

PARTIAL

Availability (A)

PARTIAL

References

Weakness Type (CWE):CWE-264

CVSS Metrics

Base Score

3.3

Vector String

AV:L/AC:M/Au:N/C:N/I:P/A:P

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

NONE

Integrity (I)

PARTIAL

Availability (A)

PARTIAL