Improper Link Resolution Before File Access ('Link Following')

DATE CVE VULNERABILITY TITLE RISK
2007-11-08 CVE-2007-4129 Link Following vulnerability in Fedoraproject Coolkey 1.1.0
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
3.3
2007-11-08 CVE-2007-3921 Link Following vulnerability in Gforge 3.1/4.5.14
gforge 3.1 and 4.5.14 allow local users to truncate arbitrary files via a symlink attack on temporary files.
local
gforge CWE-59
3.3
2007-11-06 CVE-2007-5839 Link Following vulnerability in Bitchx 1.1A
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command.
local
low complexity
bitchx CWE-59
4.6
2007-11-05 CVE-2007-5805 Link Following vulnerability in IBM AIX 5.2/5.3
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument.
local
ibm CWE-59
6.9
2007-10-30 CVE-2007-5718 Link Following vulnerability in Vobcopy 0.5.14
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.
local
low complexity
debian vobcopy CWE-59
4.9
2007-10-29 CVE-2007-5695 Link Following vulnerability in Sitebar 3.3.8
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.
network
low complexity
sitebar CWE-59
6.4
2007-10-28 CVE-2007-3919 Link Following vulnerability in Xensource INC XEN 3.0.301/3.0.303
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
6.0
2007-10-14 CVE-2007-5200 Link Following vulnerability in Opensuse 10.2/10.3
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.
3.3
2007-10-13 CVE-2007-5437 Link Following vulnerability in Broadcom Etrust Integrated Threat Management 8.1
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
network
broadcom CWE-59
5.8
2007-10-12 CVE-2007-5377 Link Following vulnerability in GNU Tramp 2.1.10
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in the Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allow local users to overwrite arbitrary files via a symlink attack on temporary files.
local
gnu CWE-59
6.9