CWE-59
Improper Link Resolution Before File Access ('Link Following')
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (818)
Page 38 of 41

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4085 | | | 0.00 | — | 0.00 | | Sep 15, 2008 | plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/. |
| CVE-2008-3946 | | | 0.00 | — | 0.01 | | Sep 5, 2008 | The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. |
| CVE-2008-3931 | | | 0.00 | — | 0.00 | | Sep 4, 2008 | javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| CVE-2008-3929 | | | 0.00 | — | 0.00 | | Sep 4, 2008 | gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file. |
| CVE-2008-3930 | | | 0.00 | — | 0.00 | | Sep 4, 2008 | migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. |
| CVE-2008-3927 | | | 0.00 | — | 0.00 | | Sep 4, 2008 | genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files. |
| CVE-2008-3928 | | | 0.00 | — | 0.00 | | Sep 4, 2008 | test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. |
| CVE-2008-3791 | | | 0.00 | — | 0.00 | | Sep 3, 2008 | src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file. |
| CVE-2008-3883 | | | 0.00 | — | 0.00 | | Sep 2, 2008 | configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file. |
| CVE-2008-3699 | | | 0.00 | — | 0.00 | | Aug 14, 2008 | The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file. |
| CVE-2008-3456 | | | 0.00 | — | 0.02 | | Aug 4, 2008 | phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack. |
| CVE-2008-3329 | | | 0.00 | — | 0.01 | | Jul 27, 2008 | Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." |
| CVE-2008-3216 | | | 0.00 | — | 0.00 | | Jul 18, 2008 | The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2008-3227 | | | 0.00 | — | 0.01 | | Jul 18, 2008 | Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. |
| CVE-2008-2311 | | | 0.00 | — | 0.03 | | Jul 1, 2008 | Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file. |
| CVE-2008-2389 | | | 0.00 | — | 0.00 | | Jun 6, 2008 | opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack. |
| CVE-2007-5495 | | | 0.00 | — | 0.00 | | May 23, 2008 | sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file. |
| CVE-2008-2266 | | | 0.00 | — | 0.00 | | May 16, 2008 | uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression. |
| CVE-2008-1103 | | | 0.00 | — | 0.00 | | Apr 28, 2008 | Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." |
| CVE-2008-1694 | | | 0.00 | — | 0.00 | | Apr 22, 2008 | vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. |