CVE-2013-7393

Currently unrated

Key Information:

Vendor: Apache
Status: Subversion
Vendor: CVE Published:; 28 July 2014

Summary

The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on different affected versions (ADT3).

References

https://subversion.apache.org/security/CVE-2013-4262-advi...

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulleti...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 28, 2014
Vulnerability Reserved
Jul 28, 2014