Executive Summary

Informations
Name CVE-2013-4235 First vendor Publication 2019-12-03
Vendor Cve Last vendor Modification 2023-02-13

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Overall CVSS Score 4.7
Base Score 4.7 Environmental Score 4.7
impact SubScore 3.6 Temporal Score 4.7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact High Availability Impact None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:N/I:P/A:P)
Cvss Base Score 3.3 Attack Range Local
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 3
Os 2
Os 2

Sources (Detail)

Source Url
GENTOO https://security.gentoo.org/glsa/202210-26
MISC https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0...
https://security-tracker.debian.org/tracker/CVE-2013-4235

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
Date Informations
2023-02-13 05:27:41
  • Multiple Updates
2022-12-03 09:27:27
  • Multiple Updates
2022-10-31 09:28:02
  • Multiple Updates
2021-05-04 12:28:55
  • Multiple Updates
2021-04-22 01:35:05
  • Multiple Updates
2021-03-26 12:11:38
  • Multiple Updates
2020-09-03 01:09:55
  • Multiple Updates
2020-05-23 00:37:55
  • First insertion