Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,527 vulnerabilities with CWE-59

Apple Mac OS X 10.5.8 and 10.6 < 10.6.4 - Arbitrary Folder Deletion via Symlink Attack

emesene < 1.6.2 - Arbitrary File Overwrite via Symlink Attack on Temporary File

Mathematica 7 - Arbitrary File Overwrite via Symlink Attack on /tmp/MathLink/ or /tmp/fonts$$.conf

MySQL < 5.1.46 - Unauthenticated Arbitrary File Deletion via MyISAM Table Symlink Attack

GNU nano <2.2.4 - Local Privilege Escalation

Oracle Solaris - Arbitrary File Write via Symlink Attack on /tmp/CLEANUP

Chip Salzenberg Deliver - Symlink Attack

fcron < 3.0.5 - Arbitrary File Read via Symlink Attack

Puppet 0.24.0-0.24.8 and 0.25.0-0.25.1 - Arbitrary File Write via Symlink Attack on Temporary Files

Fusermount <2.7.5, <2.8.2 - Local Privilege Escalation

ncpfs 2.2.6 - Symlink Attack via ncpmount and ncpumount

Samba <3.4.5 - Privilege Escalation

cronie < 1.4.4 - Denial of Service via Symlink Attack on Temporary File

Bournal < 1.4.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

CVE-2009-1143 HIGH

VMware open-vm-tools 2009.03.18-154848 - Symlink Attack via Realpath Race Condition in mount.vmhgfs

CVE-2009-1142 MEDIUM

VMware open-vm-tools 2009.03.18-154848 - Privilege Escalation via Symlink Attack on /tmp Files

CVE-2009-0035 MEDIUM

alsa-utils <1.0.19 - Local File Overwrite

fail2ban < 0.8.5 - Arbitrary File Write via Symlink Attack on Temporary Files

GNU groff 1.20.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

groff < 1.21 - Arbitrary File Overwrite via Symlink Attack on Temporary File

groff < 1.21 - Arbitrary File Write via Symlink Attack on Temporary Directory

groff < 1.21 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

Apple Mac OS X < 10.10.4 - Symlink Following

Cisco AnyConnect SSL VPN Trial Client - Arbitrary File Overwrite via Symlink Attack

PulseAudio 0.9.10 and 0.9.19 - Arbitrary File Ownership and Permissions Change via Symlink Attack

Previous Page 50 of 62 Next

Details

Vulnerabilities 1,527

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy