Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')

DATE CVE VULNERABILITY TITLE RISK
2009-03-04 CVE-2008-6397 Link Following vulnerability in Alcovebook Sgml2X 1.0.0
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
4.4
2009-02-10 CVE-2008-4284 Link Following vulnerability in IBM Websphere Application Server
Open redirect vulnerability in the ibm_security_logout servlet in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.x versions, 6.0.x before 6.0.2.33, and 6.1.x before 6.1.0.23 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage feature.
network
ibm CWE-59
5.8
2009-02-06 CVE-2009-0473 Link Following vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/IP Bridge
Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
6.8
2009-02-03 CVE-2009-0416 Link Following vulnerability in Standards Based Linux Instrumentation Sblim-Sfcb 1.3.2
The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files.
6.9
2009-02-02 CVE-2008-4990 Link Following vulnerability in Enomaly Elastic Computing Platform
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.
local
enomaly CWE-59
6.9
2009-01-29 CVE-2009-0347 Link Following vulnerability in Autonomy Ultraseek NIL
Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
network
autonomy CWE-59
5.8
2009-01-28 CVE-2009-0321 Link Following vulnerability in Apple Safari 3.2.1
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) .
4.3
2009-01-28 CVE-2009-0313 Link Following vulnerability in Kegel Winetricks 20081127
winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file.
local
kegel CWE-59
6.9
2009-01-27 CVE-2009-0032 Link Following vulnerability in Apple Cups
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
6.9
2009-01-15 CVE-1999-1593 Link Following vulnerability in Microsoft Windows 2000, Windows 95 and Windows 98
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server.
network
high complexity
microsoft CWE-59
7.6