Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,525 vulnerabilities with CWE-59

xdiagnose <2.5.2ubuntu0.1 - Local Privilege Escalation

openCryptoki 2.4.1 - Local Arbitrary File Write via Symlink Attack on Lock Files

Monkey HTTP Daemon <0.9.3 - Local File Overwrite

munin - Arbitrary File Write via Symlink Attack on Temporary Files

Tunnelblick <3.3beta20 - Local File Deletion

Red Hat Enterprise Linux 5 sudo Script - Arbitrary File Overwrite via Symlink Attack on Temporary File

ioquake3 < r2252 - Arbitrary File Write via Symlink Attack on /tmp/ioq3.pid

Gajim 0.15 - Arbitrary File Overwrite via Symlink Attack on Temporary Latex File

as31 <2.3.1-4 - Info Disclosure

golismero < 0.6.3 - Arbitrary File Overwrite via Symlink Attack on Admin/changes.dat

CVE-2011-4116 LOW

File::Temp - Improper Link Resolution Before File Access

CVE-2011-3632 HIGH

hardlink < 0.1.2 - Symlink Attack via Improper Link Resolution

CVE-2011-3351 HIGH

openvas-scanner < 2011-09-11 - Symlink Attack via Insecure Temporary File Creation

CVE-2011-2924 MEDIUM

foomatic-filters < 4.0.12 - Symlink Attack via Insecure Temporary File Creation

CVE-2011-2923 MEDIUM

foomatic-filters - Symlink Attack via Insecure Temporary File Creation

CVE-2011-1136 MEDIUM

tesseract 2.03-2.04 - Arbitrary File Write via PID Link Guessing

CVE-2011-3618 HIGH

atop - Symlink Attack via Insecure Tempfile Handling

CVE-2011-5271 MEDIUM

Pacemaker < 1.1.6 - Insecure Temporary File Creation

CVE-2011-1408 HIGH

ikiwiki < 3.20110608 - Symlink Attack via Tty Hijacking

CVE-2011-2765 HIGH

Pyro < 3.15 - Arbitrary File Write via Symlink Attack on PID File

CVE-2011-2684 MEDIUM

foo2zjs - Arbitrary File Write via Symlink Attack on /tmp/foo2zjs

Update Manager Symlink Attack via Temporary File Handling

kbd < 1.14.1 - Arbitrary File Overwrite via Symlink Attack on /dev/shm/defkeymap.map

Canonical Ubuntu Linux < 1.1.0 - Symlink Following

Proc::ProcessTable <0.45 - Local Privilege Escalation

Previous Page 47 of 61 Next

Details

Vulnerabilities 1,525

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy