Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,532 vulnerabilities with CWE-59

guilt 0.27 - Arbitrary File Overwrite via Symlink Attack on Temporary Log File

SKK Tools 1.2 - Arbitrary File Overwrite via Symlink Attack on Temporary File

PHP < 5.2.4 - Local Symlink Bypass of open_basedir Restrictions via Session File

QGit up to 2pre1 - Arbitrary File Write via Symlink Attack on Predictable Temporary Files

KDE Konqueror 3.5.7 - URL Spoofing via setInterval

Safari < 3.0.2 - Phishing via IDN Homograph Spoofing

Fedora Core - Arbitrary File Permission Change via Symlink Attack on /tmp/.font-unix

eggblog < 3.1.0 - Session Fixation via PHPSESSID Parameter

IBM DB2 <9 FP2 - Local File Overwrite

OpenBase SQL < 10.0.1 - Arbitrary File Creation via Symlink Attack on /tmp/output

AIX 5.1.0-5.3.0 - Local Privilege Escalation

Java < 1.4.2 Release 2 - Arbitrary File Creation via Temporary Directory Race Condition

Mac OS X <10.3.9, <10.4.5 - Local Info Disclosure

Antiword <0.35 - Local File Overwrite

GNU Gnump3d < 2.9.8 - Arbitrary File Modification via Symlink Attack on index.lok

texinfo <4.8 - Local Privilege Escalation

CVE-2005-1916 MEDIUM

ekg < 2005-06-05 - Arbitrary File Write via Symlink Attack on Temporary Files

CVE-2005-1879 MEDIUM

LutelWall < 0.98 - Arbitrary File Overwrite via Symlink Attack on Temporary File

CVE-2005-1880 MEDIUM

everybuddy < 0.4.3 - Arbitrary File Overwrite via Symlink Attack on Temporary File

CVE-2005-0824 MEDIUM

mathopd < 1.5p5 and 1.6x < 1.6b6 BETA - Arbitrary File Overwrite via Symlink Attack on Dump Files

CVE-2005-1111 MEDIUM

cpio <2.6 - Local Privilege Escalation

MySQL < 4.0.23, 4.1.x < 4.1.10, 5.0.x < 5.0.3 - Arbitrary File Write via Symlink Attack on Temporary Files

CVE-2005-0587 MEDIUM

Firefox < 1.0.1 and Mozilla < 1.7.6 - Arbitrary File Overwrite via .LNK File Download

Trustix Secure Linux <2.1 - Local File Overwrite

CVE-2004-1901 MEDIUM

Portage < 2.0.50-r3 - Arbitrary File Overwrite via Hard Link Attack

Previous Page 60 of 62 Next

Details

Vulnerabilities 1,532

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy