CWE-59— Improper Link Resolution Before File Access (Link Following)
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.— MITRE CWE catalog
1,471 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-59page 9 of 30
- CVE-2013-6402NONECVSS 0.0EG 0.02014-01-05
base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
- CVE-2013-6456NONECVSS 0.0EG 0.02014-04-15
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) v…
- CVE-2013-6891NONECVSS 0.0EG 0.02014-01-26
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
- CVE-2013-7393NONECVSS 0.0EG 0.02014-07-28
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was …
- CVE-2014-0027NONECVSS 0.0EG 0.02014-01-26
The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.
- CVE-2014-0243MEDIUMCVSS 5.5EG 5.52018-07-19
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job.
- CVE-2014-1272NONECVSS 0.0EG 0.02014-03-14
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink.
- CVE-2014-1420LOWCVSS 3.8EG 3.82020-09-11
On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to lau…
- CVE-2014-1638NONECVSS 0.0EG 0.02014-01-28
(1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overw…
- CVE-2014-1639NONECVSS 0.0EG 0.02014-01-28
syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files…
- CVE-2014-1640NONECVSS 0.0EG 0.02014-01-28
axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on …
- CVE-2014-1859MEDIUMCVSS 5.5EG 5.52018-01-08
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
- CVE-2014-1875NONECVSS 0.0EG 0.02014-10-06
The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.
- CVE-2014-1876NONECVSS 0.0EG 0.02014-02-10
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log f…
- CVE-2014-1938MEDIUMCVSS 5.5EG 5.52019-11-21
python-rply before 0.7.4 insecurely creates temporary files.
- CVE-2014-2312MEDIUMCVSS 5.5EG 5.52018-03-26
The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid.
- CVE-2014-2524NONECVSS 0.0EG 0.02014-08-20
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
- CVE-2014-2893NONECVSS 0.0EG 0.02014-04-23
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
- CVE-2014-3219HIGHCVSS 7.8EG 7.82018-02-09
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
- CVE-2014-3421NONECVSS 0.0EG 0.02014-05-08
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
- CVE-2014-3422NONECVSS 0.0EG 0.02014-05-08
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
- CVE-2014-3423NONECVSS 0.0EG 0.02014-05-08
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
- CVE-2014-3424NONECVSS 0.0EG 0.02014-05-08
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
- CVE-2014-3486NONECVSS 0.0EG 0.02014-07-07
The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a syml…
- CVE-2014-3537NONECVSS 0.0EG 0.02014-07-23
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
- CVE-2014-3977NONECVSS 0.0EG 0.02014-06-08
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
- CVE-2014-3981NONECVSS 0.0EG 0.02014-06-08
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
- CVE-2014-3982NONECVSS 0.0EG 0.02014-06-08
include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file.
- CVE-2014-3986NONECVSS 0.0EG 0.02014-06-08
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
- CVE-2014-4038NONECVSS 0.0EG 0.02014-06-17
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_te…
- CVE-2014-4150MEDIUMCVSS 5.5EG 5.52018-07-20
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp.
- CVE-2014-4199NONECVSS 0.0EG 0.02014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.
- CVE-2014-4372NONECVSS 0.0EG 0.02014-09-18
syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file.
- CVE-2014-4480NONECVSS 0.0EG 0.02015-01-30
Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink.
- CVE-2014-4703NONECVSS 0.0EG 0.02014-12-05
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-47…
- CVE-2014-4996MEDIUMCVSS 5.5EG 5.52018-01-10
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.
- CVE-2014-5029NONECVSS 0.0EG 0.02014-07-29
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix fo…
- CVE-2014-5030NONECVSS 0.0EG 0.02014-07-29
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
- CVE-2014-5045NONECVSS 0.0EG 0.02014-08-01
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to caus…
- CVE-2014-5260NONECVSS 0.0EG 0.02014-08-16
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.
- CVE-2014-5459NONECVSS 0.0EG 0.02014-09-27
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and us…
- CVE-2014-5509MEDIUMCVSS 5.5EG 5.52018-01-08
clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$.
- CVE-2014-7206NONECVSS 0.0EG 0.02014-10-15
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
- CVE-2014-8585NONECVSS 0.0EG 0.02014-11-04
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php.
- CVE-2014-9512NONECVSS 0.0EG 0.02015-02-12
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
- CVE-2015-0796MEDIUMCVSS 6.3EG 7.82018-03-02
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement…
- CVE-2015-1038NONECVSS 0.0EG 0.02015-01-21
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
- CVE-2015-1130HIGHCVSS 7.8EG 9.0⚠ KEV2015-04-10
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
- CVE-2015-1194NONECVSS 0.0EG 0.02015-01-21
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
- CVE-2015-1196NONECVSS 0.0EG 0.02015-01-21
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
Map vulnerabilities like CWE-59 to your infrastructure
EchelonGraph correlates every CVE — across CWE-59 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →