Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-0248
HistoryMar 15, 2013 - 8:55 p.m.

CVE-2013-0248

2013-03-1520:55:10
CWE-264
[email protected]
web.nvd.nist.gov
2

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

Affected configurations

NVD
Node
apachecommons_fileuploadMatch1.0
OR
apachecommons_fileuploadMatch1.1
OR
apachecommons_fileuploadMatch1.1.1
OR
apachecommons_fileuploadMatch1.2
OR
apachecommons_fileuploadMatch1.2.1
OR
apachecommons_fileuploadMatch1.2.2

Related

osv 1
nessus 2
seebug 1
ibm 13
debiancve 1
cvelist 1
prion 1
github 1
cve 1
ubuntucve 1
securityvulns 2
gentoo 1
oracle 1
osv
osv
Incorrect Default Permissions in Apache Commons FileUpload
2022-05-05 02:48:41
nessus
nessus
RHEL 5 : jbds (Unpatched Vulnerability)
2024-06-03 00:00:00
GLSA-202107-39 : Apache Commons FileUpload: Multiple vulnerabilities
2022-01-24 00:00:00
seebug
seebug
Apache Commons FileUploadไธๅฎ‰ๅ…จไธดๆ—ถๆ–‡ไปถๅˆ›ๅปบๆผๆดž(CVE-2013-0248)
2013-03-10 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in WebSphere MQ shipped with WebSphere Remote Server (CVE-2013-0248)
2018-06-15 07:05:19
Security Bulletin: Apache Commons FileUpload vulnerability affects IBM WebSphere MQ Managed File Transfer (CVE-2013-0248)
2018-06-15 07:04:52
Security Bulletin: Apache Commons FileUpload vulnerability affects IBM Tivoli Business Service Manager (CVE-2013-0248)
2021-12-01 11:22:50
debiancve
debiancve
CVE-2013-0248
2013-03-15 20:55:10
cvelist
cvelist
CVE-2013-0248
2013-03-15 01:00:00
prion
prion
Default configuration
2013-03-15 20:55:00
github
github
Incorrect Default Permissions in Apache Commons FileUpload
2022-05-05 02:48:41
cve
cve
CVE-2013-0248
2013-03-15 20:55:10
ubuntucve
ubuntucve
CVE-2013-0248
2013-03-15 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples
2013-03-11 00:00:00
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities
2015-09-14 00:00:00
gentoo
gentoo
Apache Commons FileUpload: Multiple vulnerabilities
2021-07-17 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for NVD:CVE-2013-0248
osv1nessus2seebug1ibm13debiancve1cvelist1prion1github1cve1ubuntucve1securityvulns2gentoo1oracle1