CWE-59
Improper Link Resolution Before File Access ('Link Following')
BaseDraftLikelihood: Medium
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (624)
page 31 of 32| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2007-5207 | 0.00 | — | 0.00 | Oct 4, 2007 | guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file. | ||
| CVE-2007-3916 | 0.00 | — | 0.00 | Sep 24, 2007 | The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file. | ||
| CVE-2007-4631 | 0.00 | — | 0.00 | Aug 31, 2007 | The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames. | ||
| CVE-2007-4224 | 0.00 | — | 0.01 | Aug 8, 2007 | KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. | ||
| CVE-2007-3742 | 0.00 | — | 0.01 | Aug 3, 2007 | WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks. | ||
| CVE-2007-2978 | 0.00 | — | 0.01 | Jun 1, 2007 | Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||
| CVE-2007-1027 | 0.00 | — | 0.00 | Feb 21, 2007 | Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file. | ||
| CVE-2006-1247 | 0.00 | — | 0.00 | Apr 19, 2006 | rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||
| CVE-2005-2527 | 0.00 | — | 0.00 | Dec 31, 2005 | Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. | ||
| CVE-2005-3126 | 0.00 | — | 0.00 | Dec 31, 2005 | The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. | ||
| CVE-2005-2714 | 0.00 | — | 0.00 | Dec 31, 2005 | passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. | ||
| CVE-2005-3349 | 0.00 | — | 0.00 | Nov 18, 2005 | GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | ||
| CVE-2005-3011 | 0.00 | — | 0.00 | Sep 21, 2005 | The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||
| CVE-2005-0004 | 0.00 | — | 0.00 | Apr 14, 2005 | The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. | ||
| CVE-2004-0967 | 0.00 | — | 0.00 | Feb 9, 2005 | The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. | ||
| CVE-2004-2473 | 0.00 | — | 0.00 | Dec 31, 2004 | wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||
| CVE-2003-1528 | 0.00 | — | 0.00 | Dec 31, 2003 | nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. | ||
| CVE-2003-1492 | 0.00 | — | 0.00 | Dec 31, 2003 | Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. | ||
| CVE-2002-2382 | 0.00 | — | 0.00 | Dec 31, 2002 | cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | ||
| CVE-2002-2374 | 0.00 | — | 0.00 | Dec 31, 2002 | Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." |