For this vulnerability to be exploitable, the following conditions must be met:
1) The attacker must have shell access to the machine on which Axis2
runs with any account. Obviously the vulnerability is interesting only
if that account is unprivileged and different from the account Axis2
runs as.
I am out of the office from Tue 07/28/2015 until Mon 08/03/2015.
Note: This is an automated response to your message "Re:
apache-commons-fileupload symlink vulnerability CVE-2013-0248" sent on
8/1/15 8:12:03 PM.
This is the only notification you will receive while this person is away.
