Security Advisory

CVE-2013-0248

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-03-15 01:00:00

Last updated 2024-08-06 14:18:09

Assigner redhat

State PUBLISHED

Description

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

← Browse all CVEs View on cve.org ↗