CVE-2013-0248
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.Enginsight
Vendor | Product | Version |
---|---|---|
apache | commons_fileupload | 1.0 |
apache | commons_fileupload | 1.1 |
apache | commons_fileupload | 1.1.1 |
apache | commons_fileupload | 1.2 |
apache | commons_fileupload | 1.2.1 |
apache | commons_fileupload | 1.2.2 |
Debian Releases
Ubuntu Releases
Common Weakness Enumeration