CVE-2010-3691

PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.

Published: 2010-10-07 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2010-3691 is rated Low Risk (22.9/100): CVSS Low severity, with low exploitation likelihood (EPSS 0.35%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2010-3691

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.06% 0.35% +0.29%
2 2025-06-13 0.04% 0.06% +0.02%
3 2023-03-07 0.04%

Full EPSS history (4 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2010-3691

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
3.3 2.0 LOW
AV:L/AC:M/Au:N/C:N/I:P/A:P Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
3.4 4.9 [email protected]

Weakness enumeration for CVE-2010-3691

OS Trackers for CVE-2010-3691

vendor priority summary link
ubuntu medium CVE-2010-3691 medium priority: Ubuntu including 2 source packages (glpi, moodle), 38 status rows across 19 suites (dapper, hardy, jaunty, karmic, lucid, maverick, natty, oneiric, precise, quantal, raring, saucy, trusty, upstream, utopic, vivid, wily, xenial, yakkety): ignored 21, not-affected 12, DNE 3, needs-triage 1, released 1. https://ubuntu.com/security/CVE-2010-3691

Affected software / configurations for CVE-2010-3691

Vendor Product Version Raw CPE
apereo phpcas <= 1.1.2 cpe:2.3:a:apereo:phpcas:*:*:*:*:*:*:*:*
apereo phpcas 0.2 cpe:2.3:a:apereo:phpcas:0.2:*:*:*:*:*:*:*
apereo phpcas 0.3 cpe:2.3:a:apereo:phpcas:0.3:*:*:*:*:*:*:*
apereo phpcas 0.3.1 cpe:2.3:a:apereo:phpcas:0.3.1:*:*:*:*:*:*:*
apereo phpcas 0.3.2 cpe:2.3:a:apereo:phpcas:0.3.2:*:*:*:*:*:*:*
apereo phpcas 0.4 cpe:2.3:a:apereo:phpcas:0.4:*:*:*:*:*:*:*
apereo phpcas 0.4.1 cpe:2.3:a:apereo:phpcas:0.4.1:*:*:*:*:*:*:*
apereo phpcas 0.4.8 cpe:2.3:a:apereo:phpcas:0.4.8:*:*:*:*:*:*:*
apereo phpcas 0.4.9 cpe:2.3:a:apereo:phpcas:0.4.9:*:*:*:*:*:*:*
apereo phpcas 0.4.10 cpe:2.3:a:apereo:phpcas:0.4.10:*:*:*:*:*:*:*
apereo phpcas 0.4.11 cpe:2.3:a:apereo:phpcas:0.4.11:*:*:*:*:*:*:*
apereo phpcas 0.4.12 cpe:2.3:a:apereo:phpcas:0.4.12:*:*:*:*:*:*:*
apereo phpcas 0.4.13 cpe:2.3:a:apereo:phpcas:0.4.13:*:*:*:*:*:*:*
apereo phpcas 0.4.14 cpe:2.3:a:apereo:phpcas:0.4.14:*:*:*:*:*:*:*
apereo phpcas 0.4.15 cpe:2.3:a:apereo:phpcas:0.4.15:*:*:*:*:*:*:*
apereo phpcas 0.4.16 cpe:2.3:a:apereo:phpcas:0.4.16:*:*:*:*:*:*:*
apereo phpcas 0.4.17 cpe:2.3:a:apereo:phpcas:0.4.17:*:*:*:*:*:*:*
apereo phpcas 0.4.18 cpe:2.3:a:apereo:phpcas:0.4.18:*:*:*:*:*:*:*
apereo phpcas 0.4.19 cpe:2.3:a:apereo:phpcas:0.4.19:*:*:*:*:*:*:*
apereo phpcas 0.4.20 cpe:2.3:a:apereo:phpcas:0.4.20:*:*:*:*:*:*:*
apereo phpcas 0.4.21 cpe:2.3:a:apereo:phpcas:0.4.21:*:*:*:*:*:*:*
apereo phpcas 0.4.22 cpe:2.3:a:apereo:phpcas:0.4.22:*:*:*:*:*:*:*
apereo phpcas 0.4.23 cpe:2.3:a:apereo:phpcas:0.4.23:*:*:*:*:*:*:*
apereo phpcas 0.5.0 cpe:2.3:a:apereo:phpcas:0.5.0:*:*:*:*:*:*:*
apereo phpcas 0.5.1 cpe:2.3:a:apereo:phpcas:0.5.1:*:*:*:*:*:*:*
apereo phpcas 0.6.0 cpe:2.3:a:apereo:phpcas:0.6.0:*:*:*:*:*:*:*
apereo phpcas 1.0.0 cpe:2.3:a:apereo:phpcas:1.0.0:*:*:*:*:*:*:*
apereo phpcas 1.0.1 cpe:2.3:a:apereo:phpcas:1.0.1:*:*:*:*:*:*:*
apereo phpcas 1.1.0 cpe:2.3:a:apereo:phpcas:1.1.0:*:*:*:*:*:*:*
apereo phpcas 1.1.1 cpe:2.3:a:apereo:phpcas:1.1.1:*:*:*:*:*:*:*

References for CVE-2010-3691

URL Tags
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html
http://secunia.com/advisories/41878
http://secunia.com/advisories/42149
http://secunia.com/advisories/42184
http://secunia.com/advisories/43427
http://www.debian.org/security/2011/dsa-2172
http://www.openwall.com/lists/oss-security/2010/09/29/6
http://www.openwall.com/lists/oss-security/2010/10/01/2
http://www.openwall.com/lists/oss-security/2010/10/01/5
http://www.securityfocus.com/bid/43585
http://www.vupen.com/english/advisories/2010/2705
http://www.vupen.com/english/advisories/2010/2909
http://www.vupen.com/english/advisories/2011/0456
https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
https://forge.indepnet.net/projects/glpi/repository/revisions/12601
https://issues.jasig.org/browse/PHPCAS-80
cvelogic Threat Intelligence