Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,532 vulnerabilities with CWE-59

wyrd 1.4.3b - Arbitrary File Overwrite via Symlink Attack on Temporary File

Linux kernel 2.6 - Unauthenticated Resource Access via Symlink Attack in /proc

Apache Geronimo - Improper Link Resolution Before File Access via chown Operation

Website META Language 2.0.11 - Arbitrary File Overwrite via Symlink Attack on Temporary File

Website META Language 2.0.11 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

XOOPS 2.0.18 - Open Redirect via xoops_redirect Parameter

PatchLink Update & Novell ZENworks Patch Management - Arbitrary File Truncation & Code Execution via Symlink Attacks

setroubleshoot 2.0.5 - Arbitrary File Overwrite via Symlink Attack on sealert.log

IBM DB2 Universal Database - Arbitrary File Overwrite via Symlink Attack on Initialization Files

Linux Kernel - Arbitrary File Overwrite via Symlink Attack in cp with Preserve Symlinks Option

Menalto Gallery <2.2.4 - Open Redirect

ClamAV 0.92 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

Claws Mail Tools - Local Privilege Escalation

Audacity 1.3.2 - Denial of Service and Arbitrary File Deletion via Symlink Attack

TeXLive 2007 - Arbitrary File Write and Code Execution via Symlink Attack on feynmf$$.pl Temporary File

gforge 3.1 and 4.5.14 - Arbitrary File Truncation via Symlink Attack

CoolKey 1.1.0 - Privilege Escalation

BitchX 1.1a - Local Privilege Escalation

IBM AIX - Local Privilege Escalation

vobcopy 0.5.14 - Arbitrary File Write via Symlink Attack on Temporary Files

SiteBar 3.3.8 - Open Redirect via Forward Parameter

Xen <= 3.1 - Arbitrary File Truncation via Symlink Attack on /tmp/xenq-shm

Opensuse - Symlink Following

CA eTrust ITM 8.1 - Open Redirect via HTTP URL on Port 6689

Tramp 2.1.10 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

Previous Page 59 of 62 Next

Details

Vulnerabilities 1,532

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy