Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-18 | CVE-2008-3227 | Link Following vulnerability in Joomla Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | 7.5 |
2008-07-18 | CVE-2008-3216 | Link Following vulnerability in Debian Projectl 1.001 The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | 4.6 |
2008-06-06 | CVE-2008-2389 | Link Following vulnerability in Opensuse 10.2 opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack. | 4.9 |
2008-05-23 | CVE-2007-5495 | Link Following vulnerability in Selinux Setroubleshoot 2.0.5 sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file. | 4.4 |
2008-05-18 | CVE-2008-0167 | Link Following vulnerability in Gforge 4.5.14 The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances. | 4.6 |
2008-05-16 | CVE-2008-2266 | Link Following vulnerability in multiple products uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. | 4.4 |
2008-04-28 | CVE-2008-1103 | Link Following vulnerability in Blender Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." | 6.9 |
2008-04-22 | CVE-2008-1901 | Link Following vulnerability in Debian Aptlinex aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. | 7.2 |
2008-04-22 | CVE-2008-1694 | Link Following vulnerability in GNU Emacs and Sccs vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 4.6 |
2008-04-16 | CVE-2007-5664 | Link Following vulnerability in IBM DB2 Universal Database 8/9.1/9.5 db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | 6.9 |