Filtered by CWE-59
Total 1328 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0032 2 Apple, Mandriva 4 Cups, Corporate Server, Linux and 1 more 2025-04-09 N/A
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
CVE-2007-5805 1 Ibm 1 Aix 2025-04-09 N/A
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804.
CVE-2008-3791 1 Lxde 1 Lightweight X11 Desktop Environment 2025-04-09 N/A
src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file.
CVE-2008-5139 1 Javier Fernandez 1 Jailer 2025-04-09 N/A
updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.
CVE-2007-5695 1 Sitebar 1 Sitebar 2025-04-09 N/A
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.
CVE-2008-6762 1 Wordpress 1 Wordpress 2025-04-09 N/A
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
CVE-2007-5664 1 Ibm 1 Db2 Universal Database 2025-04-09 N/A
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.
CVE-2008-6398 1 Eric Raymond 1 Sng 2025-04-09 N/A
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/recompiled$$.png, (2) /tmp/decompiled$$.sng, and (3) /tmp/canonicalized$$.sng temporary files.
CVE-2008-6397 1 Alcovebook 1 Sgml2x 2025-04-09 N/A
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2008-0525 3 Lumension Security, Novell, Unix 3 Patchlink Update, Zenworks Patch Management Update Agent, Unix 2025-04-09 N/A
PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other products, allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the logtrimmer script, and (2) execute arbitrary code via a symlink attack on the /tmp/plshutdown file used by the rebootTask script.
CVE-2008-4958 1 Alejandro Garrido Mota 1 Gdrae 2025-04-09 N/A
gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.
CVE-2008-5746 1 Sun 2 Snmp Management Agent, Solaris 2025-04-09 N/A
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files.
CVE-2007-5495 2 Redhat, Selinux 3 Enterprise Linux, Enterprise Linux Desktop, Setroubleshoot 2025-04-09 N/A
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file.
CVE-2008-4957 1 Gccxml 1 Gccxml 2025-04-09 N/A
find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
CVE-2008-4956 1 Firewallbuilder 1 Fwbuilder 2025-04-09 N/A
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.
CVE-2008-5743 1 Pdfjam 1 Pdfjam 2025-04-09 N/A
pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2008-5704 1 Gpsdrive 1 Gpsdrive 2025-04-09 N/A
src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380.
CVE-2007-5207 1 Debian 1 Guilt 2025-04-09 N/A
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.
CVE-2007-4998 1 Linux 1 Linux Kernel 2025-04-09 N/A
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.
CVE-2007-5839 1 Bitchx 1 Bitchx 2025-04-09 N/A
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command.