Vulnerability Details : CVE-2013-5724
Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.
Products affected by CVE-2013-5724
- cpe:2.3:a:debian:phpbb3:*:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.11-2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.2-2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.2-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.1-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.10-2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.9-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.7-p1-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.2-4:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-rc7-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-rc4-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.7-p1-5:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.7-p1-4:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.7-p1-3:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.7-p1-2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-rc3-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-rc2-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-rc1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-b5:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.11-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.10-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.4-1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.2-3:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:phpbb3:3.0.0-rc5-1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-5724
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-5724
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2013-5724
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-5724
-
http://www.debian.org/security/2013/dsa-2752
Debian -- Security Information -- DSA-2752-1 phpbb3
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711172
#711172 - phpbb3: creates world writable /var/cache/phpbb3/cache/phpbb3/data_hooks.php - Debian Bug report logs
Jump to