CWE-59
Improper Link Resolution Before File Access ('Link Following')
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (818)
page 39 of 41| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-1901 | 0.00 | — | 0.00 | Apr 22, 2008 | aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. | |||
| CVE-2007-5664 | 0.00 | — | 0.00 | Apr 16, 2008 | db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | |||
| CVE-2008-1832 | 0.00 | — | 0.00 | Apr 16, 2008 | lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file. | |||
| CVE-2008-1684 | 0.00 | — | 0.00 | Apr 6, 2008 | inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. | |||
| CVE-2008-1569 | 0.00 | — | 0.00 | Mar 31, 2008 | policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket. | |||
| CVE-2008-1241 | 0.00 | — | 0.02 | Mar 27, 2008 | GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. | |||
| CVE-2008-1417 | 0.00 | — | 0.00 | Mar 20, 2008 | The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file. | |||
| CVE-2008-1199 | 0.00 | — | 0.00 | Mar 6, 2008 | Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack. | |||
| CVE-2008-0883 | 0.00 | — | 0.01 | Mar 6, 2008 | acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | |||
| CVE-2008-0930 | 0.00 | — | 0.00 | Mar 4, 2008 | w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2008-1078 | 0.00 | — | 0.01 | Feb 29, 2008 | expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. | |||
| CVE-2008-0870 | 0.00 | — | 0.01 | Feb 21, 2008 | BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | |||
| CVE-2008-0806 | 0.00 | — | 0.00 | Feb 19, 2008 | wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. | |||
| CVE-2008-0163 | 0.00 | — | 0.00 | Feb 12, 2008 | Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc. | |||
| CVE-2008-0732 | 0.00 | — | 0.01 | Feb 12, 2008 | The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories. | |||
| CVE-2008-0665 | 0.00 | — | 0.00 | Feb 11, 2008 | wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. | |||
| CVE-2008-0666 | 0.00 | — | 0.00 | Feb 11, 2008 | Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c. | |||
| CVE-2007-4998 | 0.00 | — | 0.00 | Jan 31, 2008 | cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | |||
| CVE-2008-0525 | 0.00 | — | 0.01 | Jan 31, 2008 | PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other products, allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the… | |||
| CVE-2007-6692 | 0.00 | — | 0.02 | Jan 17, 2008 | Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules. |
- CVE-2008-1901Apr 22, 2008risk 0.00cvss —epss 0.00
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file.
- CVE-2007-5664Apr 16, 2008risk 0.00cvss —epss 0.00
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.
- CVE-2008-1832Apr 16, 2008risk 0.00cvss —epss 0.00
lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.
- CVE-2008-1684Apr 6, 2008risk 0.00cvss —epss 0.00
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.
- CVE-2008-1569Mar 31, 2008risk 0.00cvss —epss 0.00
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.
- CVE-2008-1241Mar 27, 2008risk 0.00cvss —epss 0.02
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
- CVE-2008-1417Mar 20, 2008risk 0.00cvss —epss 0.00
The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file.
- CVE-2008-1199Mar 6, 2008risk 0.00cvss —epss 0.00
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
- CVE-2008-0883Mar 6, 2008risk 0.00cvss —epss 0.01
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.
- CVE-2008-0930Mar 4, 2008risk 0.00cvss —epss 0.00
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.
- CVE-2008-1078Feb 29, 2008risk 0.00cvss —epss 0.01
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
- CVE-2008-0870Feb 21, 2008risk 0.00cvss —epss 0.01
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
- CVE-2008-0806Feb 19, 2008risk 0.00cvss —epss 0.00
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
- CVE-2008-0163Feb 12, 2008risk 0.00cvss —epss 0.00
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
- CVE-2008-0732Feb 12, 2008risk 0.00cvss —epss 0.01
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
- CVE-2008-0665Feb 11, 2008risk 0.00cvss —epss 0.00
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.
- CVE-2008-0666Feb 11, 2008risk 0.00cvss —epss 0.00
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.
- CVE-2007-4998Jan 31, 2008risk 0.00cvss —epss 0.00
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.
- CVE-2008-0525Jan 31, 2008risk 0.00cvss —epss 0.01
PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other products, allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the…
- CVE-2007-6692Jan 17, 2008risk 0.00cvss —epss 0.02
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules.