CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,532 vulnerabilities with CWE-59
CVE-2008-4956
fwbuilder 2.1.19 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4955
freevo 1.8.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4954
fml 4.0.3 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4953
firehol 1.256 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4952
emacs-jabber 0.7.91 - Arbitrary File Write via Symlink Attack on Temporary Log File
CVE-2008-4951
dtc-common 0.29.6 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4950
dpkg-cross 2.3.0 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4949
dist 3.5 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4948
digitaldj 0.7.5 - Arbitrary File Overwrite via Symlink Attack on /tmp/ddj_fest.tmp
CVE-2008-4947
dhis-server < 5.3 - Arbitrary File Write via Symlink Attack on Temporary Log File
CVE-2008-4946
convirt 0.8.2 - Arbitrary File Overwrite via Symlink Attack on /tmp/set_output
CVE-2008-4945
cdrw-taper 0.4 - Arbitrary File Overwrite via Symlink Attack on Temporary Directory
CVE-2008-4944
cdcontrol 1.90 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4943
bulmages-servers 0.11.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4942
audiolink 0.05 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4941
arb-common 0.0.20071207.1 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4940
aptoncd 0.1 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4939
apertium 3.0.7 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4938
aegis and aegis-web 4.24 - Arbitrary File Overwrite via Symlink Attack on Temporary Files
CVE-2008-4937
OpenOffice.org 2.4.1 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4936
mgetty 1.1.36 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4935
aview 1.3.0 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4908
CrossFire crossfire-maps 1.11.0 - Arbitrary File Overwrite via Symlink Attack on Temporary File
CVE-2008-4694
Opera < 9.60 - Remote Code Execution via Crafted Redirect URL
CVE-2008-4639
jhead < 2.84 - Arbitrary File Overwrite via Symlink Attack on Temporary File
Details
Vulnerabilities 1,532
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits