CWE-59
Improper Link Resolution Before File Access ('Link Following')
BaseDraftLikelihood: Medium
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (624)
page 28 of 32| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-3524 | 0.00 | — | 0.00 | Sep 29, 2008 | rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run. | ||
| CVE-2008-4191 | 0.00 | — | 0.00 | Sep 24, 2008 | extract-table.pl in Emacspeak 26 and 28 allows local users to overwrite arbitrary files via a symlink attack on the extract-table.csv temporary file. | ||
| CVE-2008-4162 | 0.00 | — | 0.00 | Sep 22, 2008 | Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | ||
| CVE-2008-4108 | 0.00 | — | 0.00 | Sep 18, 2008 | Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directory. | ||
| CVE-2008-4104 | 0.00 | — | 0.00 | Sep 18, 2008 | Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. | ||
| CVE-2008-4098 | 0.00 | — | 0.00 | Sep 18, 2008 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | ||
| CVE-2008-4085 | 0.00 | — | 0.00 | Sep 15, 2008 | plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/. | ||
| CVE-2008-3946 | 0.00 | — | 0.00 | Sep 5, 2008 | The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. | ||
| CVE-2008-3928 | 0.00 | — | 0.00 | Sep 4, 2008 | test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||
| CVE-2008-3927 | 0.00 | — | 0.00 | Sep 4, 2008 | genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files. | ||
| CVE-2008-3930 | 0.00 | — | 0.00 | Sep 4, 2008 | migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||
| CVE-2008-3929 | 0.00 | — | 0.00 | Sep 4, 2008 | gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file. | ||
| CVE-2008-3931 | 0.00 | — | 0.00 | Sep 4, 2008 | javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||
| CVE-2008-3791 | 0.00 | — | 0.00 | Sep 3, 2008 | src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file. | ||
| CVE-2008-3883 | 0.00 | — | 0.00 | Sep 2, 2008 | configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file. | ||
| CVE-2008-3699 | 0.00 | — | 0.00 | Aug 14, 2008 | The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file. | ||
| CVE-2008-3456 | 0.00 | — | 0.02 | Aug 4, 2008 | phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack. | ||
| CVE-2008-3329 | 0.00 | — | 0.00 | Jul 27, 2008 | Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." | ||
| CVE-2008-3216 | 0.00 | — | 0.00 | Jul 18, 2008 | The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | ||
| CVE-2008-3227 | 0.00 | — | 0.00 | Jul 18, 2008 | Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. |