CWE-59
Improper Link Resolution Before File Access ('Link Following')
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (818)
page 40 of 41

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-6595 | | | 0.00 | — | 0.00 | | Dec 31, 2007 | ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled. |
| CVE-2007-6208 | | | 0.00 | — | 0.00 | | Dec 4, 2007 | sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file. |
| CVE-2007-6061 | | | 0.00 | — | 0.03 | | Nov 20, 2007 | Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be… |
| CVE-2007-5940 | | | 0.00 | — | 0.00 | | Nov 13, 2007 | feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file. |
| CVE-2007-4129 | | | 0.00 | — | 0.00 | | Nov 8, 2007 | CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory. |
| CVE-2007-3921 | | | 0.00 | — | 0.00 | | Nov 8, 2007 | gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files. |
| CVE-2007-5839 | | | 0.00 | — | 0.00 | | Nov 6, 2007 | The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command. |
| CVE-2007-5805 | | | 0.00 | — | 0.00 | | Nov 5, 2007 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the… |
| CVE-2007-5718 | | | 0.00 | — | 0.00 | | Oct 30, 2007 | vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. |
| CVE-2007-5695 | | | 0.00 | — | 0.02 | | Oct 29, 2007 | Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action. |
| CVE-2007-3919 | | | 0.00 | — | 0.00 | | Oct 28, 2007 | (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. |
| CVE-2007-5200 | | | 0.00 | — | 0.00 | | Oct 14, 2007 | hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. |
| CVE-2007-5437 | | | 0.00 | — | 0.03 | | Oct 13, 2007 | The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689. |
| CVE-2007-5377 | | | 0.00 | — | 0.00 | | Oct 12, 2007 | The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| CVE-2007-5207 | | | 0.00 | — | 0.00 | | Oct 4, 2007 | guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file. |
| CVE-2007-3916 | | | 0.00 | — | 0.00 | | Sep 24, 2007 | The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file. |
| CVE-2007-4631 | | | 0.00 | — | 0.00 | | Aug 31, 2007 | The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames. |
| CVE-2007-4224 | | | 0.00 | — | 0.02 | | Aug 8, 2007 | KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. |
| CVE-2007-3742 | | | 0.00 | — | 0.02 | | Aug 3, 2007 | WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs)… |
| CVE-2007-2978 | | | 0.00 | — | 0.01 | | Jun 1, 2007 | Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. |