CVE-2013-1423

Name of the Vulnerable Software and Affected Versions FusionForge versions 5.0 through 5.2

Description The issue allows local users to change arbitrary file permissions, obtain sensitive information, and have other unspecified impacts via a symlink or hard link attack on certain files. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of these vulnerabilities can be carried out by a local attacker.

Recommendations For FusionForge versions 5.0 through 5.2, consider restricting access to the affected files, such as contrib/gforge-3.0-cronjobs.patch, cronjobs/homedirs.php, and others, to minimize the risk of exploitation. As a temporary workaround, avoid using the vulnerable files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.