Arbitrary File Overwrite Vulnerability in Apache Commons FileUpload
CVE-2013-0248 · LOW Severity
AV:L/AC:M/AU:N/C:N/I:P/A:P
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
Learn more about our Cis Benchmark Audit For Apache Http Server.