File Overwrite Vulnerability in Request Tracker by Best Practical
CVE-2013-3368

Currently unrated

Key Information:

Vendor: Bestpractical
Status: Rt
Vendor: CVE Published:; 23 August 2013

🔔 Create Bestpractical Vulnerability Alert

What is CVE-2013-3368?

The Request Tracker (RT) software versions 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13 are susceptible to a local file overwrite vulnerability. This issue allows an attacker to exploit a symlink attack on temporary files with predictable names, enabling the overwriting of arbitrary files. Proper security measures and updates are recommended to mitigate this risk.

References

http://lists.bestpractical.com/pipermail/rt-announce/2013...

mailing-listx_refsource_MLIST

http://www.osvdb.org/93612

vdb-entryx_refsource_OSVDB

http://lists.bestpractical.com/pipermail/rt-announce/2013...

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 23, 2013

CVE-2013-3368 Data

JSON