CVE-2013-5724

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.

Affected Software

Name	Vendor	Start Version	End Version
Phpbb3	Debian	3.0.0-1	3.0.0-1
Phpbb3	Debian	3.0.0-2	3.0.0-2
Phpbb3	Debian	3.0.0-b5	3.0.0-b5
Phpbb3	Debian	3.0.0-rc1	3.0.0-rc1
Phpbb3	Debian	3.0.0-rc2-1	3.0.0-rc2-1
Phpbb3	Debian	3.0.0-rc3-1	3.0.0-rc3-1
Phpbb3	Debian	3.0.0-rc4-1	3.0.0-rc4-1
Phpbb3	Debian	3.0.0-rc5-1	3.0.0-rc5-1
Phpbb3	Debian	3.0.0-rc7-1	3.0.0-rc7-1
Phpbb3	Debian	3.0.1-1	3.0.1-1
Phpbb3	Debian	3.0.2-1	3.0.2-1
Phpbb3	Debian	3.0.2-2	3.0.2-2
Phpbb3	Debian	3.0.2-3	3.0.2-3
Phpbb3	Debian	3.0.2-4	3.0.2-4
Phpbb3	Debian	3.0.4-1	3.0.4-1
Phpbb3	Debian	3.0.7-p1-1	3.0.7-p1-1
Phpbb3	Debian	3.0.7-p1-2	3.0.7-p1-2
Phpbb3	Debian	3.0.7-p1-3	3.0.7-p1-3
Phpbb3	Debian	3.0.7-p1-4	3.0.7-p1-4
Phpbb3	Debian	3.0.7-p1-5	3.0.7-p1-5
Phpbb3	Debian	3.0.9-1	3.0.9-1
Phpbb3	Debian	3.0.10-1	3.0.10-1
Phpbb3	Debian	3.0.10-2	3.0.10-2
Phpbb3	Debian	3.0.11-1	3.0.11-1
Phpbb3	Debian	3.0.11-2	3.0.11-2
Phpbb3	Debian	*	3.0.11-3
Phpbb3	Ubuntu	lucid	*
Phpbb3	Ubuntu	precise	*
Phpbb3	Ubuntu	quantal	*
Phpbb3	Ubuntu	raring	*
Phpbb3	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-5724
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References