CVE-2013-5724

Severity

21%

Complexity

39%

Confidentiality

48%

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:P/A:N).

Overview

Type

Debian phpBB3

First reported 11 years ago

2013-09-12 13:31:00

Last updated 11 years ago

2013-09-23 23:21:00

Affected Software

Debian phpBB3 3.0.0-1

3.0.0-1

Debian phpBB3 3.0.0-2

3.0.0-2

Debian phpBB3 3.0.0-b5

3.0.0-b5

Debian phpBB3 3.0.0-rc1

3.0.0-rc1

Debian phpBB3 3.0.0-rc2-1

3.0.0-rc2-1

Debian phpBB3 3.0.0-rc3-1

3.0.0-rc3-1

Debian phpBB3 3.0.0-rc4-1

3.0.0-rc4-1

Debian phpBB3 3.0.0-rc5-1

3.0.0-rc5-1

Debian phpBB3 3.0.0-rc7-1

3.0.0-rc7-1

Debian phpBB3 3.0.1-1

3.0.1-1

Debian phpBB3 3.0.2-1

3.0.2-1

Debian phpBB3 3.0.2-2

3.0.2-2

Debian phpBB3 3.0.2-3

3.0.2-3

Debian phpBB3 3.0.2-4

3.0.2-4

Debian phpBB3 3.0.4-1

3.0.4-1

Debian phpBB3 3.0.7-p1-1

3.0.7-p1-1

Debian phpBB3 3.0.7-p1-2

3.0.7-p1-2

Debian phpBB3 3.0.7-p1-3

3.0.7-p1-3

Debian phpBB3 3.0.7-p1-4

3.0.7-p1-4

Debian phpBB3 3.0.7-p1-5

3.0.7-p1-5

Debian phpBB3 3.0.9-1

3.0.9-1

Debian phpBB3 3.0.10-1

3.0.10-1

Debian phpBB3 3.0.10-2

3.0.10-2

Debian phpBB3 3.0.11-1

3.0.11-1

Debian phpBB3 3.0.11-2

3.0.11-2

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711172

54665

Vendor Advisory

DSA-2752

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.