CWE-59
Medium likelihoodImproper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1,527 vulnerabilities with CWE-59
CVE-2008-5370
pvpgn <1.8.1 - Local File Overwrite
CVE-2008-5369
noip2 <2.1.7 - Local Privilege Escalation
CVE-2008-5368
muttprint <0.72d - Local Privilege Escalation
CVE-2008-5367
ppp-udeb 2.4.4rel - Info Disclosure
CVE-2008-5366
ppp <2.4.4rel - Local Info Disclosure
CVE-2008-5313
mailscanner <4.74.16-1 - Local File Overwrite
CVE-2008-5312
mailscanner <4.74.16-1 - Local File Overwrite
CVE-2008-5299
chm2pdf 0.9 - Local Privilege Escalation
CVE-2008-5256
Sun Innotek VirtualBox <2.0.6 - Local Privilege Escalation
CVE-2008-5157
tau 2.16.4 - Local Privilege Escalation
CVE-2008-5156
systemimager-server <3.6.3 - Local Privilege Escalation
CVE-2008-5155
smsclient 2.0.8z - Local Privilege Escalation
CVE-2008-5154
p3nfs 5.19 - Local Privilege Escalation
CVE-2008-5153
Moodle 1.8.2 - Local File Overwrite
CVE-2008-5152
mh-book <200605 - Local File Overwrite
CVE-2008-5151
mayavi 1.5 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-5150
maildirsync 1.1 - Local Info Disclosure
CVE-2008-5149
libncbi6 <6.1.20080302 - Local Privilege Escalation
CVE-2008-5148
geda-gnetlist <1.4.0 - Local Privilege Escalation
CVE-2008-5147
docvert 2.4 - Local Privilege Escalation
CVE-2008-5146
ctn 3.0.6 - Arbitrary File Overwrite via Symlink Attack on /tmp/accession
CVE-2008-5145
ltp 20060918 - Local Privilege Escalation
CVE-2008-5144
nvidia-cg-toolkit <2.0.0015 - Local Privilege Escalation
CVE-2008-5143
multi-gnome-terminal 1.6.2 - Local Privilege Escalation
CVE-2008-5142
FreeBSD Sendbug <3.113+5.3 - Local Privilege Escalation
Details
Vulnerabilities
1,527
Exploit Likelihood
Medium