Total
1299 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2382 | 1 Cvsup | 1 Cvsup | 2025-04-03 | N/A |
| cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | ||||
| CVE-2001-1378 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2025-04-03 | N/A |
| fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | ||||
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2025-04-03 | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | ||||
| CVE-2000-0972 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.5 Medium |
| HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | ||||
| CVE-2002-0793 | 1 Blackberry | 1 Qnx Neutrino Real-time Operating System | 2025-04-03 | 5.5 Medium |
| Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility. | ||||
| CVE-2005-1916 | 2 Debian, Ekg Project | 2 Debian Linux, Ekg | 2025-04-03 | 5.5 Medium |
| linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-1880 | 1 Everybuddy | 1 Everybuddy | 2025-04-03 | 5.5 Medium |
| everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
| CVE-2001-1494 | 3 Avaya, Kernel, Redhat | 8 Cvlan, Integrated Management Suit, Interactive Response and 5 more | 2025-04-03 | 5.5 Medium |
| script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | ||||
| CVE-2005-0004 | 3 Debian, Mariadb, Oracle | 3 Debian Linux, Mariadb, Mysql | 2025-04-03 | N/A |
| The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. | ||||
| CVE-2002-0725 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.5 Medium |
| NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | ||||
| CVE-2004-2473 | 1 Wmfrog | 1 Wmfrog | 2025-04-03 | N/A |
| wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-1999-0981 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." | ||||
| CVE-2003-0578 | 1 Ibm | 1 U2 Universe | 2025-04-03 | 7.8 High |
| cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. | ||||
| CVE-2005-0824 | 1 Mathopd | 1 Mathopd | 2025-04-03 | 5.5 Medium |
| The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal. | ||||
| CVE-2004-1603 | 1 Cpanel | 1 Cpanel | 2025-04-03 | 5.5 Medium |
| cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled. | ||||
| CVE-2004-0967 | 2 Aladdin Enterprises, Redhat | 2 Ghostscript, Enterprise Linux | 2025-04-03 | N/A |
| The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2001-1386 | 1 Texasimperialsoftware | 1 Wftpd | 2025-04-03 | 7.5 High |
| WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | ||||
| CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2025-04-03 | N/A |
| BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | ||||
| CVE-2002-2323 | 1 Sun | 1 Solaris Pc Netlink | 2025-04-03 | 7.5 High |
| Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. | ||||
| CVE-2000-0715 | 3 Conectiva, Kirk Bauer, Redhat | 3 Linux, Diskcheck, Powertools | 2025-04-03 | N/A |
| DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. | ||||