Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-11 | CVE-2008-0666 | Link Following vulnerability in Website Meta Language Website Meta Language 2.0.11 Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c. | 3.6 |
| 2008-02-11 | CVE-2008-0665 | Link Following vulnerability in Website Meta Language Website Meta Language 2.0.11 wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. | 3.6 |
| 2008-02-06 | CVE-2008-0613 | Link Following vulnerability in Xoops 2.0.18 Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter. | 5.0 |
| 2008-01-31 | CVE-2007-4998 | Link Following vulnerability in Linux Kernel cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | 6.9 |
| 2008-01-31 | CVE-2008-0525 | Link Following vulnerability in multiple products PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other products, allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the logtrimmer script, and (2) execute arbitrary code via a symlink attack on the /tmp/plshutdown file used by the rebootTask script. | 4.6 |
| 2008-01-17 | CVE-2007-6692 | Link Following vulnerability in Menalto Gallery Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules. | 6.4 |
| 2007-12-31 | CVE-2007-6595 | Link Following vulnerability in Clam Anti-Virus Clamav 0.92 ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled. | 2.1 |
| 2007-12-04 | CVE-2007-6208 | Link Following vulnerability in Claws Mail Claws Mail Tools sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file. | 3.6 |
| 2007-11-20 | CVE-2007-6061 | Link Following vulnerability in Audacityteam Audacity 1.3.2 Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. | 5.0 |
| 2007-11-13 | CVE-2007-5940 | Link Following vulnerability in TUG Texlive 2007 feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file. | 4.6 |