CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,527 vulnerabilities with CWE-59
CVE-2008-4979
rancid 2.3.2~a8 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4978
radiance 3R9+20080530 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4977
Postfix 2.5.2 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4976
ogle and ogle-mmx 0.9.2 - Arbitrary File Write via Symlink Attack on Temporary Files
CVE-2008-4975
newsgate 1.6 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4974
netmrg 0.20 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4973
myspell 3.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4972
mgt 2.31 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4971
mafft 6.240 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4970
lustre-tests - Arbitrary File Overwrite via Symlink Attack on /tmp/iozone.log
CVE-2008-4969
ltp-network-test 20060918 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4968
lmbench 3.0-a7 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4967
linuxtrade 3.65 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4966
linux-patch-openswan 2.4.12 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4965
liguidsoap 0.3.8.1+2 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4964
konwert 1.8 - Arbitrary File Deletion via Symlink Attack on Temporary File
CVE-2008-4960
impose+ 0.2 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4959
gpsdrive-scripts 2.10~pre4 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4958
gdrae 0.1 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4957
gccxml 0.9.0 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4956
fwbuilder 2.1.19 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4955
freevo 1.8.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4954
fml 4.0.3 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4953
firehol 1.256 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4952
emacs-jabber 0.7.91 - Arbitrary File Write via Symlink Attack on Temporary Log File
Details
Vulnerabilities 1,527
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits