CWE-59
Improper Link Resolution Before File Access ('Link Following')
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (818)
page 27 of 41| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-5564 | 0.00 | — | 0.00 | Feb 14, 2013 | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log. | |||
| CVE-2012-6348 | 0.00 | — | 0.00 | Jan 4, 2013 | Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink… | |||
| CVE-2012-3329 | 0.00 | — | 0.00 | Dec 19, 2012 | IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. | |||
| CVE-2012-5355 | 0.00 | — | 0.00 | Oct 10, 2012 | welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. | |||
| CVE-2012-4455 | 0.00 | — | 0.00 | Oct 10, 2012 | openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/. | |||
| CVE-2011-4363 | 0.00 | — | 0.00 | Oct 7, 2012 | ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS. | |||
| CVE-2012-5303 | 0.00 | — | 0.00 | Oct 5, 2012 | Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname. | |||
| CVE-2011-5146 | 0.00 | — | 0.00 | Aug 31, 2012 | Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot. | |||
| CVE-2012-2103 | 0.00 | — | 0.00 | Aug 26, 2012 | The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. | |||
| CVE-2012-4676 | 0.00 | — | 0.00 | Aug 26, 2012 | The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485. | |||
| CVE-2012-3440 | 0.00 | — | 0.00 | Aug 8, 2012 | A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. | |||
| CVE-2011-4028 | 0.00 | — | 0.00 | Jul 3, 2012 | The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists. | |||
| CVE-2012-3345 | 0.00 | — | 0.00 | Jun 15, 2012 | ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file. | |||
| CVE-2011-2722 | 0.00 | — | 0.00 | May 25, 2012 | The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file. | |||
| CVE-2012-2093 | 0.00 | — | 0.00 | May 18, 2012 | src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function. | |||
| CVE-2012-0808 | 0.00 | — | 0.00 | Mar 19, 2012 | as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack. | |||
| CVE-2012-0054 | 0.00 | — | 0.00 | Mar 19, 2012 | libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat. | |||
| CVE-2011-4105 | 0.00 | — | 0.00 | Feb 17, 2012 | LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority. | |||
| CVE-2011-1384 | 0.00 | — | 0.00 | Jan 4, 2012 | The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an… | |||
| CVE-2011-4617 | 0.00 | — | 0.00 | Dec 31, 2011 | virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/. |
- CVE-2012-5564Feb 14, 2013risk 0.00cvss —epss 0.00
android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.
- CVE-2012-6348Jan 4, 2013risk 0.00cvss —epss 0.00
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink…
- CVE-2012-3329Dec 19, 2012risk 0.00cvss —epss 0.00
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.
- CVE-2012-5355Oct 10, 2012risk 0.00cvss —epss 0.00
welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
- CVE-2012-4455Oct 10, 2012risk 0.00cvss —epss 0.00
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/.
- CVE-2011-4363Oct 7, 2012risk 0.00cvss —epss 0.00
ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.
- CVE-2012-5303Oct 5, 2012risk 0.00cvss —epss 0.00
Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname.
- CVE-2011-5146Aug 31, 2012risk 0.00cvss —epss 0.00
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot.
- CVE-2012-2103Aug 26, 2012risk 0.00cvss —epss 0.00
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
- CVE-2012-4676Aug 26, 2012risk 0.00cvss —epss 0.00
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.
- CVE-2012-3440Aug 8, 2012risk 0.00cvss —epss 0.00
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.
- CVE-2011-4028Jul 3, 2012risk 0.00cvss —epss 0.00
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
- CVE-2012-3345Jun 15, 2012risk 0.00cvss —epss 0.00
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file.
- CVE-2011-2722May 25, 2012risk 0.00cvss —epss 0.00
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
- CVE-2012-2093May 18, 2012risk 0.00cvss —epss 0.00
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.
- CVE-2012-0808Mar 19, 2012risk 0.00cvss —epss 0.00
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack.
- CVE-2012-0054Mar 19, 2012risk 0.00cvss —epss 0.00
libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat.
- CVE-2011-4105Feb 17, 2012risk 0.00cvss —epss 0.00
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
- CVE-2011-1384Jan 4, 2012risk 0.00cvss —epss 0.00
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an…
- CVE-2011-4617Dec 31, 2011risk 0.00cvss —epss 0.00
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.