Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,532 vulnerabilities with CWE-59

cman - Arbitrary File Modification via Symlink Attack on Temporary File

cman - Arbitrary File Write via Symlink Attack on apclog Temporary File

qemu 0.9.1-5 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

mon 0.99.2 - Arbitrary File Write via Symlink Attack on test.alert.log

sympa 5.3.4 - Arbitrary File Overwrite via Symlink Attack on Temporary File

ibackup 2.27 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

freeradius 2.0.4 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

feta 1.4.16 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

xsabre - Arbitrary File Deletion and Overwrite via Symlink Attack on Temporary Files

JasPer 1.900.1 - Denial of Service via Temporary File Race Condition

cman 2.20080629 and 2.20080801 - Arbitrary File Write via Symlink Attack on /tmp/eglog

rc.sysinit <8.76.3-1 - Local File Deletion

Emacspeak 26 and 28 - Arbitrary File Overwrite via Symlink Attack on Temporary File

Openswan <=2.4.12, 2.6.x<=2.6.16 - Arbitrary File Write and Code Execution via Symlink Attack

NooMS 1.1 - Open Redirect via g_site_url Parameter

Python 2.4.5 - Arbitrary File Overwrite via Symlink Attack on Temporary File

Joomla! 1.5.0-1.5.6 - Open Redirect via Passed-in URL

Canonical Ubuntu Linux - Symlink Following

Plait < 1.6 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

HP TCP/IP Services for OpenVMS 5.x - Info Disclosure

Tiger 3.2.2 - Local Privilege Escalation

honeyd_common - Arbitrary File Overwrite via Symlink Attack on Temporary File

Ampache 3.4.1 - Local Privilege Escalation

Citadel Server 7.37 - Local Privilege Escalation

R <2.7.2 - Local Privilege Escalation

Previous Page 57 of 62 Next

Details

Vulnerabilities 1,532

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy