CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-1090

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.5%

CVSS Severity

CVSS v2 Score 7.2

References

http://lists.opensuse.org/opensuse-updates/2013-12/msg00025.html
https://bugzilla.novell.com/show_bug.cgi?id=811369
http://lists.opensuse.org/opensuse-updates/2013-12/msg00025.html
https://bugzilla.novell.com/show_bug.cgi?id=811369

Products affected by CVE-2013-1090

Opensuse » Opensuse » Version: 12.3

cpe:2.3:o:opensuse:opensuse:12.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1090

Products

Pricing

Contact Us