VYPR

CWE-59

Improper Link Resolution Before File Access ('Link Following')

BaseDraftLikelihood: Medium

Description

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76

CVEs mapped to this weakness (818)

page 23 of 41
  • CVE-2015-0556Apr 8, 2015
    risk 0.00cvss epss 0.04

    Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.

  • CVE-2015-1377Feb 10, 2015
    risk 0.00cvss epss 0.00

    The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink attack on an unspecified file.

  • CVE-2014-4480Jan 30, 2015
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink.

  • CVE-2015-1196Jan 21, 2015
    risk 0.00cvss epss 0.06

    GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.

  • CVE-2015-1194Jan 21, 2015
    risk 0.00cvss epss 0.02

    pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.

  • CVE-2015-1038Jan 21, 2015
    risk 0.00cvss epss 0.03

    p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.

  • CVE-2014-9508Jan 4, 2015
    risk 0.00cvss epss 0.02

    The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only contain anchors, allows remote attackers to change URLs to arbitrary domains for…

  • CVE-2014-9358Dec 16, 2014
    risk 0.00cvss epss 0.03

    Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."

  • CVE-2014-6407Dec 12, 2014
    risk 0.00cvss epss 0.05

    Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

  • CVE-2014-3627Dec 5, 2014
    risk 0.00cvss epss 0.03

    The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not…

  • CVE-2014-8585Nov 4, 2014
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php.

  • CVE-2014-7206Oct 15, 2014
    risk 0.00cvss epss 0.00

    The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.

  • CVE-2014-1875Oct 6, 2014
    risk 0.00cvss epss 0.01

    The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.

  • CVE-2014-5459Sep 27, 2014
    risk 0.00cvss epss 0.01

    The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.

  • CVE-2014-4372Sep 18, 2014
    risk 0.00cvss epss 0.00

    syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file.

  • CVE-2013-6124Aug 31, 2014
    risk 0.00cvss epss 0.00

    The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the…

  • CVE-2014-4199Aug 28, 2014
    risk 0.00cvss epss 0.00

    vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

  • CVE-2014-3563Aug 22, 2014
    risk 0.00cvss epss 0.00

    Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

  • CVE-2014-2524Aug 20, 2014
    risk 0.00cvss epss 0.00

    The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.

  • CVE-2014-5260Aug 16, 2014
    risk 0.00cvss epss 0.00

    The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.