Upstream information

CVE-2013-0248 at MITRE

Description

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

SUSE information

Overall state of this security issue: Does not affect SUSE products

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

  • TID7021937, published Sa 3. Mär 12:00:22 CET 2018


SUSE Timeline for this CVE

CVE page created: Fri Jun 28 13:17:04 2013
CVE page last modified: Tue Jul 1 12:20:03 2025