CWE-59
Improper Link Resolution Before File Access ('Link Following')
BaseDraftLikelihood: Medium
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (624)
page 22 of 32| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-0313 | 0.00 | — | 0.00 | Jan 28, 2009 | winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file. | ||
| CVE-2009-0032 | 0.00 | — | 0.00 | Jan 27, 2009 | CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file. | ||
| CVE-1999-1593 | 0.00 | — | 0.04 | Jan 15, 2009 | Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable. | ||
| CVE-2008-5825 | 0.00 | — | 0.01 | Jan 2, 2009 | The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone. | ||
| CVE-2008-5746 | 0.00 | — | 0.00 | Dec 29, 2008 | Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files. | ||
| CVE-2008-5743 | 0.00 | — | 0.00 | Dec 26, 2008 | pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack. | ||
| CVE-2008-5704 | 0.00 | — | 0.00 | Dec 22, 2008 | src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380. | ||
| CVE-2008-5703 | 0.00 | — | 0.00 | Dec 22, 2008 | gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380. | ||
| CVE-2008-5380 | 0.00 | — | 0.00 | Dec 8, 2008 | gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959. | ||
| CVE-2008-5379 | 0.00 | — | 0.00 | Dec 8, 2008 | netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the (1) netdisco-mibs-install and (2) netdisco-mibs-download scripts. | ||
| CVE-2008-5378 | 0.00 | — | 0.00 | Dec 8, 2008 | arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file. | ||
| CVE-2008-5376 | 0.00 | — | 0.00 | Dec 8, 2008 | editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.tag.tmp temporary file. | ||
| CVE-2008-5375 | 0.00 | — | 0.00 | Dec 8, 2008 | cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file. | ||
| CVE-2008-5374 | 0.00 | — | 0.00 | Dec 8, 2008 | bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. | ||
| CVE-2008-5373 | 0.00 | — | 0.00 | Dec 8, 2008 | mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file, probably a related issue to CVE-2005-2995. | ||
| CVE-2008-5372 | 0.00 | — | 0.00 | Dec 8, 2008 | sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file. | ||
| CVE-2008-5371 | 0.00 | — | 0.00 | Dec 8, 2008 | screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file. | ||
| CVE-2008-5370 | 0.00 | — | 0.00 | Dec 8, 2008 | pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file. | ||
| CVE-2008-5369 | 0.00 | — | 0.00 | Dec 8, 2008 | noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file. | ||
| CVE-2008-5368 | 0.00 | — | 0.00 | Dec 8, 2008 | muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. |