CWE-59: Improper Link Resolution Before File Access (Link Following)
1,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-59 (page 1 of 28)
- CVE-1999-0783 | MEDIUM | CVSS 5.5 | EG 5.5 | 1998-06-16
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
- CVE-1999-0794 | NONE | CVSS 0.0 | EG 0.0 | 1999-10-01
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
- CVE-1999-0981 | NONE | CVSS 0.0 | EG 0.0 | 1999-12-08
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
- CVE-1999-1386 | MEDIUM | CVSS 5.5 | EG 5.5 | 1999-12-31
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
- CVE-1999-1593 | NONE | CVSS 0.0 | EG 0.0 | 2009-01-15
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. N…
- CVE-2000-0342 | HIGH | CVSS 7.5 | EG 7.5 | 2000-04-28
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
- CVE-2000-0715 | NONE | CVSS 0.0 | EG 0.0 | 2000-10-20
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
- CVE-2000-0972 | MEDIUM | CVSS 5.5 | EG 5.5 | 2000-12-19
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
- CVE-2000-1178 | MEDIUM | CVSS 5.5 | EG 5.5 | 2001-01-09
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.
- CVE-2001-0131 | NONE | CVSS 0.0 | EG 0.0 | 2001-03-12
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allow local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-1042 | HIGH | CVSS 7.5 | EG 7.5 | 2001-07-02
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
- CVE-2001-1043 | HIGH | CVSS 7.5 | EG 7.5 | 2001-07-01
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
- CVE-2001-1378 | NONE | CVSS 0.0 | EG 0.0 | 2001-09-06
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
- CVE-2001-1386 | HIGH | CVSS 7.5 | EG 7.5 | 2001-07-01
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.
- CVE-2001-1494 | MEDIUM | CVSS 5.5 | EG 5.5 | 2001-12-31
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
- CVE-2001-1593 | NONE | CVSS 0.0 | EG 0.0 | 2014-04-05
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
- CVE-2002-0725 | MEDIUM | CVSS 5.5 | EG 5.5 | 2002-09-05
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
- CVE-2002-0793 | MEDIUM | CVSS 5.5 | EG 5.5 | 2002-08-12
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to…
- CVE-2002-0824 | NONE | CVSS 0.0 | EG 0.0 | 2002-08-12
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
- CVE-2002-2323 | HIGH | CVSS 7.5 | EG 7.5 | 2002-12-31
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access …
- CVE-2002-2374 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."
- CVE-2002-2382 | NONE | CVSS 0.0 | EG 0.0 | 2002-12-31
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.
- CVE-2003-0578 | HIGH | CVSS 7.8 | EG 7.8 | 2003-08-18
cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
- CVE-2003-0844 | HIGH | CVSS 7.1 | EG 7.1 | 2003-11-17
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix sy…
- CVE-2003-1492 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
Netscape Navigator 7.0.2 and Mozilla allow remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
- CVE-2003-1528 | NONE | CVSS 0.0 | EG 0.0 | 2003-12-31
nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file.
- CVE-2004-0217 | HIGH | CVSS 7.0 | EG 7.0 | 2004-04-15
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
- CVE-2004-0689 | HIGH | CVSS 7.1 | EG 7.1 | 2004-09-28
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
- CVE-2004-0967 | NONE | CVSS 0.0 | EG 0.0 | 2005-02-09
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on t…
- CVE-2004-1603 | MEDIUM | CVSS 5.5 | EG 5.5 | 2004-10-18
cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.
- CVE-2004-1901 | MEDIUM | CVSS 5.5 | EG 5.5 | 2004-12-31
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
- CVE-2004-2473 | NONE | CVSS 0.0 | EG 0.0 | 2004-12-31
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2005-0004 | NONE | CVSS 0.0 | EG 0.0 | 2005-04-14
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
- CVE-2005-0587 | MEDIUM | CVSS 6.5 | EG 6.5 | 2005-03-25
Firefox before 1.0.1 and Mozilla before 1.7.6 allow remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK fi…
- CVE-2005-0824 | MEDIUM | CVSS 5.5 | EG 5.5 | 2005-05-02
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH…
- CVE-2005-1879 | MEDIUM | CVSS 5.5 | EG 5.5 | 2005-06-09
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
- CVE-2005-1880 | MEDIUM | CVSS 5.5 | EG 5.5 | 2005-06-06
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
- CVE-2005-1916 | MEDIUM | CVSS 5.5 | EG 5.5 | 2005-07-06
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
- CVE-2005-2527 | NONE | CVSS 0.0 | EG 0.0 | 2005-12-31
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack.
- CVE-2005-2714 | NONE | CVSS 0.0 | EG 0.0 | 2005-12-31
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
- CVE-2005-3011 | NONE | CVSS 0.0 | EG 0.0 | 2005-09-21
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2005-3126 | NONE | CVSS 0.0 | EG 0.0 | 2005-12-31
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files.
- CVE-2005-3349 | NONE | CVSS 0.0 | EG 0.0 | 2005-11-18
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
- CVE-2006-1247 | NONE | CVSS 0.0 | EG 0.0 | 2006-04-19
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2006-5851 | NONE | CVSS 0.0 | EG 0.0 | 2006-11-10
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
- CVE-2007-1027 | NONE | CVSS 0.0 | EG 0.0 | 2007-02-21
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
- CVE-2007-2978 | NONE | CVSS 0.0 | EG 0.0 | 2007-06-01
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
- CVE-2007-3103 | NONE | CVSS 0.0 | EG 0.0 | 2007-07-15
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
- CVE-2007-3916 | NONE | CVSS 0.0 | EG 0.0 | 2007-09-24
The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file.
- CVE-2007-3919 | NONE | CVSS 0.0 | EG 0.0 | 2007-10-28
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.