VYPR

CWE-59

Improper Link Resolution Before File Access ('Link Following')

BaseDraftLikelihood: Medium

Description

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76

CVEs mapped to this weakness (818)

page 38 of 41
  • CVE-2008-4085Sep 15, 2008
    risk 0.00cvss epss 0.00

    plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/.

  • CVE-2008-3946Sep 5, 2008
    risk 0.00cvss epss 0.01

    The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.

  • CVE-2008-3931Sep 4, 2008
    risk 0.00cvss epss 0.00

    javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

  • CVE-2008-3929Sep 4, 2008
    risk 0.00cvss epss 0.00

    gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.

  • CVE-2008-3930Sep 4, 2008
    risk 0.00cvss epss 0.00

    migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

  • CVE-2008-3927Sep 4, 2008
    risk 0.00cvss epss 0.00

    genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files.

  • CVE-2008-3928Sep 4, 2008
    risk 0.00cvss epss 0.00

    test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file.

  • CVE-2008-3791Sep 3, 2008
    risk 0.00cvss epss 0.00

    src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file.

  • CVE-2008-3883Sep 2, 2008
    risk 0.00cvss epss 0.00

    configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file.

  • CVE-2008-3699Aug 14, 2008
    risk 0.00cvss epss 0.00

    The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.

  • CVE-2008-3456Aug 4, 2008
    risk 0.00cvss epss 0.02

    phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.

  • CVE-2008-3329Jul 27, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."

  • CVE-2008-3216Jul 18, 2008
    risk 0.00cvss epss 0.00

    The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2008-3227Jul 18, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.

  • CVE-2008-2311Jul 1, 2008
    risk 0.00cvss epss 0.03

    Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file.

  • CVE-2008-2389Jun 6, 2008
    risk 0.00cvss epss 0.00

    opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack.

  • CVE-2007-5495May 23, 2008
    risk 0.00cvss epss 0.00

    sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file.

  • CVE-2008-2266May 16, 2008
    risk 0.00cvss epss 0.00

    uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.

  • CVE-2008-1103Apr 28, 2008
    risk 0.00cvss epss 0.00

    Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."

  • CVE-2008-1694Apr 22, 2008
    risk 0.00cvss epss 0.00

    vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.