CVE-2013-4262
Subversion 1.8.0-1.8.2 - Privilege Escalation via PID File Symlink Attack
Title source: llmDescription
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-2013-7393.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Vendor Advisory x_refsource_confirm
https://subversion.apache.org/security/CVE-2013-4262-advisory.txt
Scores
EPSS
0.0026
EPSS Percentile
49.6%
Details
CWE
CWE-59
Status
published
Products (3)
apache/subversion
1.8.0
apache/subversion
1.8.1
apache/subversion
1.8.2
Published
Jul 28, 2014
Tracked Since
Feb 18, 2026