CVE-2013-4262

Currently unrated

Key Information:

Vendor: Apache
Status: Subversion
Vendor: CVE Published:; 28 July 2014

Summary

svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-2013-7393.

References

https://subversion.apache.org/security/CVE-2013-4262-advi...

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulleti...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 28, 2014
Vulnerability Reserved
Jun 12, 2013