CVE-2013-4262
published 2014-07-28CVE-2013-4262: svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a…
low2.4CVSS 3.1
AVLACHAuSCNIPAP
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-2013-7393.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | — | — |
| apache | subversion | >= 0 < 1.8.5-1 | 1.8.5-1 |
| apache | subversion | >= 0 < 1.8.5-1 | 1.8.5-1 |
| apache | subversion | >= 0 < 1.8.5-1 | 1.8.5-1 |
| apache | subversion | >= 0 < 1.8.5-1 | 1.8.5-1 |
| debian | subversion | < subversion 1.8.5-1 (bookworm) | subversion 1.8.5-1 (bookworm) |
CVSS provenance
nvd2.4LOWAV:L/AC:H/Au:S/C:N/I:P/A:P
osv2.4LOW