Upstream information
Description
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.SUSE information
Overall state of this security issue: Does not affect SUSE products
No SUSE Bugzilla entries cross referenced.SUSE Security Advisories:
- TID7021937, published Sa 3. Mär 12:00:22 CET 2018
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 13:17:04 2013CVE page last modified: Tue Jul 1 12:20:03 2025